
Forcing remote VPN to use specific ASA interface ?

Hi,

We have an ASA-5520 that is used for our remote VPN users and I've set it up with multiple DMZ interfaces (VLANs). There is a Microsoft ISA server between the ASA and our internal network, and this ISA has interfaces that match those on my ASA.

My goal is to force a specific VPN group or address pool to go through a specific interface on the ASA, so I only have to manage access-lists on the ISA server, for each DMZ.

The reason why I'm doing this is that there will also be some workstations right on the LAN (at our office) in these same DMZs, so I only have to create rules on the ISA whether users are connecting from their PC at the office or through their remote VPN connection.

Is there any way I can achieve this?

Thanks,

Dominic


mpalardy
Level 3

Hi Dominic,

You may want to use downloadable access-lists on the ASA to achieve this. This way, for each user or group, you will permit traffic to source/destination as required in premises.

If downloadable ACLs are not an option, simply route traffic from your address pool to the desired ISA interface.

Michel
