08-12-2012 03:25 AM - edited 03-11-2019 04:41 PM
Hello,
I've configured ipsec vpn, and it's working fine,
I've done split tunneling, so the users would be also able to connect to the Internet as well
The complication is this,
I have an outside server, of another company that the VPN users need to connect to via http
The issue arises, that only one ip address is allowed to access this server, which is my asa public address
The vpn users connect to the Internet through their private Internet, which mean that they get a different ip, and cant access that server
Is there any way to allow communication through the vpn to that server?
I would appreciate any help I can get with this, because as of now, there isn't really a point in the vpn, because that's their main work
I'm using asa 5510 version 8.4(4), ASDM 6.4
Thank you.
Solved! Go to Solution.
08-12-2012 04:42 AM
You would need to configure that server ip address in the split tunnel list.
Then you would need to enable "same-security-traffic permit intra-interface" on the ASA.
Lastly, you would need to configure NAT on the outside interface for the VPN Pool subnet, to be PATed to the same ASA public ip address, that way, the VPN users will route the traffic destined towards that server via the vpn tunnel, and hair pin on the ASA using the ASA public ip address to access the server.
08-12-2012 04:42 AM
You would need to configure that server ip address in the split tunnel list.
Then you would need to enable "same-security-traffic permit intra-interface" on the ASA.
Lastly, you would need to configure NAT on the outside interface for the VPN Pool subnet, to be PATed to the same ASA public ip address, that way, the VPN users will route the traffic destined towards that server via the vpn tunnel, and hair pin on the ASA using the ASA public ip address to access the server.
08-12-2012 06:44 AM
I've figured it out a bit before,
And it was as you've said,
Basically all that I was missing, was NAT on the outside interface
Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide