Hi, I've been having major problems creating new tunnels since I upgraded my ASA5525-X from version 9.4(4)34 to version 9.8(4)22, all the tunnels I created before the upgrade continue to work fine. I give you an example of a tunnel that doesn't wo...
Hi, I have an inside network and a DMZ, I have some services on a server that are published internally and externally with the same address: example.test.com. For external connections I have set up a reverse proxy server in DMZ. example.test.com -> 17...
Hi all, Cisco ASA 5516 running 9.4(4)17. I was asked to configure the VPN connection so that based on the security group assigned to an AD user it is allowed to reach certain servers on certain ports. I tried to implement this request using DAP and the...
I solved it by adding a second network card to the reverse proxy with IP 192.168.1.2, I made sure that the external address points to the new IP, then:
    object network obj-192.168.1.2
     nat (dmz,outside) static obj-220.1.1.1 dns
At this point I have cre...
I need to reach the public IP address 220.1.1.1 because when the users of my company are connected (from the internal network) on a VPN of a customer, the "example.test.com" service is resolved by the customer's DNS (then the public IP address 220.1....
Hi Balaji, If I remove the NAT rule written in the first post, I can successfully reach 192.168.1.1 (but I no longer reach the IP 220.1.1.1 from the internal network). Kind regards, Luciano
Hi Muhamad, Thanks for the reply! NAT and split tunneling are correct. I found the solution, because of the command "no sysopt connection permit-vpn" I had to insert the permission in the outside ACL for the new Pool VPN. Access requests now pass firs...