Is there any reason why RA VPN should or shouln't be allowed from inside the network? I have someone that mentioned that they were unable to vpn in (to our ASA) from inside the network. Bascially, I had a user that connected his personal pc to the network and pulled an ip address and then attempted to VPN in to gain access to his personal folders. Thanks in advance.
Firstly, VPN is normally just enabled on the outside interface, instead of all the interfaces of the firewall/ASA.
Secondly, if he is connecting from the internal network, then he can't cross connect to the ASA outside interface where VPN is normally connected. ASA needs to be configured to allow/enable VPN on the inside interface, and then he needs to connect to the inside interface of the ASA.
However, I don't quite understand what the VPN will achieve in this case if he is connecting from the internal network anyway. VPN is to provide secure access through the Internet. If he is already in the internal corporate network, eventhough he is using his personal computer, there won't be any added security because traffic just flows within your internal network, not flowing off the Internet which is the sole purpose of VPN (encrypts traffic when it's on the Internet).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :