09-07-2006 07:40 AM - edited 02-21-2020 01:09 AM
Hi
I need to give a remote support company access to a server behind our firewall. This company currently access 2 of our servers already by using public IP addresses which map to the servers private IPs. Unfortunately we have no public IPs left to do this again so need to think of another solution.
I set them up with VPN client s/w and added the follwing commands to the firewall
name 10.10.253.253 Metalogic_Support_Host
ip local pool Metalogic_Pool 10.10.253.253-10.10.253.253 mask 255.255.255.255
vpngroup Metalogic_Support address-pool Metalogic_Pool
vpngroup Metalogic_Support default-domain ***WITHHELD***
vpngroup Metalogic_Support idle-time 1800
vpngroup Metalogic_Support password ***WITHHELD***
access-list acl_mdc_inside_nat0 permit ip host Server1 host Metalogic_Support_Host
access-list acl_mdc_inside_nat0 permit ip host Server2 host Metalogic_Support_Host
access-list acl_mdc_inside_nat0 permit ip host Server3 host Metalogic_Support_Host
This worked fine apart from disconnecting them from their LAN which causes problems for them.
Is there a way of keeping them connected to their LAN whilst the VPN connection is active and if not is there another way of me giving them access.
We have a Cisco Pix 515e running s/w version 6.3
Any help will be greatly appreciated
Thanks
Rex
09-07-2006 10:20 AM
Turn on split tunneling. This should solve your problem. Create an ACL with the network/host you want to tunnel. Everthing else will not be tunneled.
vpngroup Metalogic_Support split-tunnel Access_List_Name
Hope this helps!
Chad
Pleae rate if this helps!
09-11-2006 06:29 AM
Thanks for the reply Chad. When you say 'Create an ACL with the network/host you want to tunnel' do you mean the network that they are accessing remotely or the LAN on which they sit? Thanks.
09-11-2006 08:38 AM
An ACL for the networks on your side of the tunnel. Networks in the ACL will be routed over the VPN. Anything not in the ACL will go out the VPN clients normal interface.
Thanks,
Chad
Please rate if this helps!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide