Hi everyone. I'll post the config at the end - please allow for my brief commentary. I have a working site to site between two ASAs. I also have a working anyconnect ssl session to the main site. I am not interested in split tunneling, tunnel all is n...
Hi:
I have an ASA 5520 configured only for vpn termination. It is not the network's firewall, security appliance, etc.
On the primary firewall (non Cisco) I have hairpinning set up to allow local client to access publicly natted resources by the p...
First of all, thank you to any who respond.
I recently set up an ASA5520 for anyconnect ssl vpn.
It is ONLY being used to terminate the vpn connection; not for firewall, security, etc.
It is using a single interface (named gbe0 in my instance)....
Ok, that's not at all the right syntax I thought would be the correct way to do it, but it completely works. In the first nat statement for LOCAL_LAN_NET, would any local subnet the RAVPN wants access need to go here (it's multiple) separate from any s...
Marius:
Thanks for your reply.
Sort of, not quite. I utilize split dns only for exchange. All other publicly natted hosts are on external records.
My issue is only when users are connected to the vpn. Otherwise all services lookup normally.
W...
Hi:
I did. The packet was allowed.
I am beginning to uncover what is happening.
I run split dns (e.g. with the exchange host), so it is able to access that resource locally when connected to the vpn.
As I stated, there is a single public ip. W...
John:
Thanks for your reply.
I should have been more clear. Everything is resolvable globally via dns. This site has a single ip and all services are running on different ports. This site also hosts many natted services.
E.g. exchange is anothe...