Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
809
Views
5
Helpful
3
Replies

accessing a public remote vpn from an inside interface asa 5505

Go to solution
ryanpalamara
Level 1
Level 1

‎11-09-2010 03:46 PM

I am trying to see if it is possible to accomplish what I am trying. I have an ASA 5505 with the following setup.

1. There is an outside connection, connected to the ISP. Lets say that it is 10.1.1.1/24 for ease. There is a remote VPN setup that people access through this interface.

2. There is the inside network which is the normal LAN. This is the wired network in the office. lets say that it is 172.20.0.1/24.

3. There is a wireless network on a seperate VLAN called WLAN. It has an IP of 192.168.1.1/24. There is an ACL allowing traffic from this VLAN to the public internet.

Basically I would like users to be able to use the same VPN settings that they use when connecting from outside the office while connected to WLAN.

Also I would like them to be able to access the public IP addresses that I have NAT'd to internal servers. That way they can use the IP addresses that they use when on the public internet.

Can this be done?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to ryanpalamara

‎11-10-2010 08:17 PM

Hello,

Well that is not going to be possible, the only thing that you can really do is to enable the crypto map on the WLAN facing interface, by design you cannot access VPN,ping Nor manage the Device on an interface that is not directly connected to you.

Hope this helps.

Mike

Mike

View solution in original post

3 Replies 3

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎11-09-2010 04:14 PM

Hello,

Is it like you want the users on the WLAN to connecto via IPsec VPN client to the outside IP address of the firewall?

Let me know.

Mike

Mike
0 Helpful

Go to solution
ryanpalamara
Level 1
Level 1
In response to Maykol Rojas

‎11-09-2010 08:10 PM

yes, that is exactly what I am trying to do.

0 Helpful

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to ryanpalamara

‎11-10-2010 08:17 PM

Hello,

Well that is not going to be possible, the only thing that you can really do is to enable the crypto map on the WLAN facing interface, by design you cannot access VPN,ping Nor manage the Device on an interface that is not directly connected to you.

Hope this helps.

Mike

Mike
Customers Also Viewed These Support Documents