cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
126
Views
0
Helpful
0
Replies
Beginner

ASA access to website via wan but not thru tunnel?

ASA access to website via wan but not thru tunnel?

Hello,

We have an ASA that allows us to access a webserver (nat) when connecting to it on the wan (outside). We also have a pptp tunnel that goes thru the asa and terminates on another device on the inside. The pptp is NOT on the asa. When a pptp client connects, they receive an IP from the pool of the pptp server that is in the same subnet of the webserver. We cannot access the webserver thru the tunnel. We can ping it's IP. Also a remote point to point Ipsec tunnel can ping the webserver on it's inside IP but not access it. This tunnel DOES terminate to the asa

jira = inside web server 
name 172.24.94.105 jira

jiraout = public IP applied to asa outside
name *.*.237.228 jira-out

access-list acl-out extended permit tcp any host jira-out eq https
static (Inside,outside) jira-out jira netmask 255.255.255.255 tcp 0 8192

I need to get to Jira thru the pptp and IPsec tunnels only. So from a pptp client and thru point to point tunnel from India.


Attached sanitized config