11-21-2018 06:23 AM
Hi All,
Need your urgent help.
We have configured webvpn on ASA. Users are able to login to the portal but they are not able to access any of the bookmarks.
One thing I want to understand is, how to NAT users Source IP with Internal interface IP of the ASA.
Because we have created rules in backend firewall for Internal interface IP of ASA and if traffic doesn't get NATed on ASA it will have actual public IP as source IP which be blocked by backend firewall.
Can anyone help me with the details that where and how should I do NAT configuration in ASDM/CLI?
11-21-2018 07:36 AM
11-21-2018 11:43 PM
Thanks Shakti,
So that means ASA by default does the NATing and connects to backend server with its own inside interface IP?
In this case I need to only allow inside interface IP for destination in back firewall.
Is it right understanding?
---
Regards,
Sagar Phadatare
11-22-2018 01:41 AM
hi,
Well NAT'ing is not the right word here, ASA does a proxy with it's own IP address.
Yes, you need to permit the INSIDE IP address of the ASA.
PS:- Please mark the answer correct if it is helpful
Thanks,
Shakti
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide