cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

3956
Views
0
Helpful
1
Replies
westsidepcsysadm
Beginner

SSL VPN from the guest zone(from internal) to escalate access level

Hi guys, I'm ISA500 user. Single wan.

I have a configuration that all the wireless APs are connected to guest zone. Basically co-operate resources are sitting on default LAN zone as well. Because of BYOD, I cannot easily make ACLs to allow devices to utilize default zone resources.

One thing I'm thinking is that if I can make SSL VPN working from the guest zone, the assigned VPN zone IP address and the splitted routing can let me access default LAN zone resources.

Tried to make that happen with NAT hairpinning but the VPN daemon is bound with WAN IP only so could not make internal communication.

Anyone tried to make some case like this?

1 REPLY 1
SHAWN EFTINK
Contributor

I've never had a need to set it up this way, but to the best of my knowledge there is no way to do that. Sorry.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
Create
Recognize Your Peers
Polls
How would you describe your level of technical expertise?