Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

Ciscp VPN users can't access website in DMZ

Cisco Router, Firewall, VPN, SDM, ASA and Switch

Ciscp VPN users can't access website in DMZ

Postby chicagotech » Thu Dec 14, 2017 6:36 pm

Situation: The client is running Cisco ASA firewall as VPN server. After establishing VPN connection, the users cannot go to portal.chicagotech.net website which is located in DMZ.

Cause: VPN IP range 192.168.108.0/24. When it is routed to the portal.chicagotech.net with DMZ IP 172.16.80.10, firewall blocks the traffic.

Resolution: Add nat and access list rule, for example
ip/pri/act(config)# sh ip
ip/pri/act(config)# $ static DM_INLINE_NETWORK_1 DM_INLINE_NETWORK_1 dest sta
ip/pri/act(config)# nat (dmz1,outside) 4 source static DM_INLINE_NETWORK_1 DM_$
access-list hsavpn_splitTunnelAcl standard permit 172.16.0$
write mem
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 7146
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Return to Cisco

Your Ad Here

Who is online

Users browsing this forum: No registered users and 3 guests