Currently we have clients connect into the VPN and are assigned addresses in the range 10.141.40.0/22. The default route for them is 10.141.40.1. This is on interface Ethernet0/0 (external) with IP 10.141.40.40/22.
The ASA also has Ethernet0/1 (internal) setup with IP 10.141.96.40/22. This subnet only exists for communication between the ASA and authentication servers in the 10.141.96.0/22 range.
The issue I'm having is when VPN clients are connected, I want ALL of their traffic to go out that default route (10.141.40.1), however since there is an interface in the 10.141.96.0/22 subnet, any traffic from clients trying to access that subnet are forced to go out that internal interface. I don't want that.
The question I have is is it possible to have the appliance itself route through the "internal" interface for reaching what it needs to reach, but force VPN clients to use only the "external" interface?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...