I have an issue with a VPN tunnel which I am trying to solve in order to roll out across all our sites.
We have 70+ sites that are connected by VPN tunnel (all 1801 routers) back to our ASA firewalls. They are all set up in a similar way and allow the PCs at the remote sites to use our proxy for internet access and also access services hosted on our main site. We now have a requirement to link these remote sites, through the VPN tunnel, to a server hosted on the internet (the remote sites do not have direct internet access). I have made the changes on the ASA firewalls to allow this traffic out and, using Packet Tracer, this tests OK. I now need to alter the config of the remote routers (and the ASA end of the VPN) to allow this traffic, but I am not sure how!! I have tried adding a few rules into the ACLs but it did not work, so I thought I would ask the experts (routers are not my forte!!).
I have attached an example router config below (with passwords hashed out). We need to allow the clients on the other end of the VPN access to 188.8.131.52 on port 5080.
Can anybody help!!!
service timestamps debug datetime msec
service timestamps log datetime msec
logging message-counter syslog
no aaa new-model
ip dhcp excluded-address 10.96.112.1 10.96.112.127