I want ASA to use internal interface as a source IP in communication towards outside

mizoran78
Level 1

Hi

I have an authentication challenge on my ASA.

I have a site-to-site IPSec VPN between two offices of one company. Everybody can communicate with each other; everything is open between those two subnets. In addition, on the local ASA, remote users use remote-access VPN to connect to the local ASA, and that's OK. They are being authenticated against the local user database.

But if I want to set up authentication of those users against one remote MS AD server (remote means it is in the remote subnet), I don't get a reply from the remote server at all. I can see that the ASA uses the IP address of the external interface as its source IP and doesn't go further through the VPN tunnel.

I have tested it: if I simply ping the remote server IP, it doesn't reply, but if I use extended ping with the inside interface as source, it works. And it totally makes sense.

But can I somehow make my local ASA use the internal interface as its source IP?

10x in advance

Zoran

1 Reply

mizoran78
Level 1

Solved!