In order to give access for my customers to my internal network, I installed a VPN client configuration on my 6.3 (5)Pix, everything is fine, but, for security issues, I need to implement some control for them, thing is, in my access-list says permit ip x.x.x.x to my internal, Ok?
I changed my access-list to permit tcp x.x.x ....x.x.x.x eq x, permitting only the port they need to access my aplication, but it is not working.
logg says ?? there is not translation for x.x.x. to x.x.x??, but, if I modify my access-list to permit ip x.x.x...,
You'll have to be more specific. Which access-list are you talking about? Do you have sysopt connection permit-ipsec in your configuration? Could you post a clean configuration and explain the access you want to allow? Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...