I have a client with an 5510 ASA with three interfaces configured: outside, dmz and inside. Outside and dmz are real ip addresses. The client wants a remote vpn to the network. The IP the vpn clients must connect to is the IP of the dmz interface of the ASA and they must have access to the inside network. I can't seem to make this work. What do I need to configure for this? I tried a vpn on the dmz interface and access-lists allowing access to the interface from the outside but it doesn't work. I also tried a dynamic nat policy stating that anything coming on the outside interface for the dmz interface ip is to be translated to the outside interface ip and I configured the vpn on the outside interface but this doesn't work either. Any ideas?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...