cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
240
Views
0
Helpful
1
Replies

Use DMZ interface on ASA to serve remote VPN?

SIMMN
Spotlight
Spotlight

Hi,

 

I am wondering if this is do-able.

 

I have a ASA with 4 interfaces: Internet, DMZ, Guest and Internal with security level increased by 20 for each one.

 

From Internet, our VPN URL(vpn.abc.com) is resolved to be Internet interface address. From Guest network, vpn.abc.com is resolved to be DMZ interface address. I am still using the legacy cisco remote vpn client...

 

I am trying to see if possible to ask user on the Guest network to use the same URL to connect for remote vpn to login to our Internal network.

 

However when I try to connect, I got deny ip spoof error, attached below. 172.24.93.254 is the DMZ interface ip address.

 

This makes me think, maybe it is not possible with ASA (running 8.4.6). I donot have anti-spoof enabled on any interface.

 

Please advise.

1 Reply 1

SIMMN
Spotlight
Spotlight

Still waiting....

Review Cisco Networking for a $25 gift card