09-25-2006 10:07 AM
Right now my VPN is setup and working properly. Basically, when a user connects to the ASA5520 VPN Server, an IP gets issued to them and they can connect. When the user tries to browse the internet it uses the user's ISP which is good.
Now I need to set it up so SSH originates from the company and not from the user's personal ISP, meaning if they SSH to another site through the VPN tunnel.
How can I do this ?
09-29-2006 11:43 AM
What's the software verison which you are using in the ASA box?
09-30-2006 07:26 AM
7.2.1
asdm 5.2
10-01-2006 06:48 PM
I have tried something before....tunnel everything...but in your case, maybe you can try something like this.
if your vpnpool is 192.168.88.1-192.168.88.254
Do a extended access-list for 192.168.88.0/24 to SSH
Then do
nat (outside) 6 access-list abc
global (outside) 6
Not very sure it will conflict with the NONAT statement or not....please let us know
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide