09-14-2018 05:55 AM
We want to configure VPN on ASA to an IP Address different from the IP of the outside interface.
ASA5515, ASA Version 9.6(4)8
Our Company has two public subnets:
111.222.33.72/30
111.222.44.208/29
Outside Interface:
111.222.33.74 255.255.255.252
Default Route (to internet provider):
111.222.33.73
All traffic coming from the internet is routed by the provide to the outside interface 111.222.33.74
We have some servers in the dmz reachable from outside
111.222.44.2xx
On the ASA there is an interface configured which acts as default gateway for the systems in the dmz:
111.222.44.209 255.255.255.248
Now we want to configure Anyconnect VPN for clients outside on the address
111.222.44.213
Problem: in the Anyconnect Connection Profile we have to specifiy the Interface, usually the outside interface.
An Interface with IP 111.222.44.213 cannot be created on the ASA: ASDM gives an errormessage
"The IP address, 111.222.44.213/255.255.255.248, cannot overlap with the subnet of interface DMZ"
Is it possible to get VPN working on 111.222.44.213?
Solved! Go to Solution.
09-14-2018 06:19 AM
This is not possible. You have to use the Outside ip address (.74) to terminate the Anyconnect session.
09-14-2018 06:19 AM
This is not possible. You have to use the Outside ip address (.74) to terminate the Anyconnect session.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: