Hi,
I am wondering if this is do-able.
I have a ASA with 4 interfaces: Internet, DMZ, Guest and Internal with security level increased by 20 for each one.
From Internet, our VPN URL(vpn.abc.com) is resolved to be Internet interface address. From Guest network, vpn.abc.com is resolved to be DMZ interface address. I am still using the legacy cisco remote vpn client...
I am trying to see if possible to ask user on the Guest network to use the same URL to connect for remote vpn to login to our Internal network.
However when I try to connect, I got deny ip spoof error, attached below. 172.24.93.254 is the DMZ interface ip address.
This makes me think, maybe it is not possible with ASA (running 8.4.6). I donot have anti-spoof enabled on any interface.
Please advise.