Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
776
Views
0
Helpful
1
Replies

ASA DAP

CGI-Europe
Frequent Visitor
Frequent Visitor

‎11-22-2011 07:31 AM

Hello, I have an internet facing ASA configured with an ACL on the outside interface.  The ACL allows access to my web facing services hosted in several DMZ's. 

The ASA is also configured for anyconnect remote access VPN.  My question is do I need to specify an ACE in the ACL bound to the outside interface allowing traffic in from the network range assigned to my Anyconnect clients or should the ACL's defined in my DAP's overide the ACL bound to the interface and allow the access to my internal services?

Thanks in advance for any help.

Labels:
0 Helpful
1 Reply 1

ajay chauhan
Level 11
Level 11

‎11-23-2011 08:36 AM

You do not need to configure any ACL rules on outside interface to allow VPN pool to communicate with Inside/DMZ. Just no-nat statements are required.

Thanks

Ajay

0 Helpful
Customers Also Viewed These Support Documents