Solved: PUBLIC IP TRAFFIC VIA VPN

asad_mughal_kashmiri · ‎01-23-2021

Hi All,

I have a scenario. We have a VOIP server. VoIP is only accessible publicly for specific ips. i have users sitting on remote location.

When they connect with vpn they can configure their soft phones with VOIP private ip but they cannot configure it with VOIP public IP. when i trace the traffic traffic is going via their local isp not via tunnel. I have added Voip public ip in split tunnel (Network allowed via Tunnel) while setting up remote vpn for users, so the VOIP traffic should travel via tunnel rather than local isp but its not working.

Any solution plz.

Rob Ingram · ‎01-23-2021

Hi @asad_mughal_kashmiri

Please provide the split tunnel ACL and VPN (tunnel-group, group-policy etc) configuration.

You'll also need to permit traffic to route back out the same ASA interface it came in on, add the command same-security-traffic permit intra-interface, you'll also need a NAT rule.

Example (amend the subnet and interface names accordingly):-

object network VPN_POOL
 subnet 192.168.100.0 255.255.255.0
 nat (outside,outside) dynamic interface

HTH

View solution in original post

Rob Ingram · ‎01-23-2021

Hi @asad_mughal_kashmiri

Please provide the split tunnel ACL and VPN (tunnel-group, group-policy etc) configuration.

You'll also need to permit traffic to route back out the same ASA interface it came in on, add the command same-security-traffic permit intra-interface, you'll also need a NAT rule.

Example (amend the subnet and interface names accordingly):-

object network VPN_POOL
 subnet 192.168.100.0 255.255.255.0
 nat (outside,outside) dynamic interface

HTH