remote access from SSL VPN to DMZ?

SJCA
SJCA used Ask the Experts™
on
Hi Experts,

I have a cisco ASA firewall which also has DMZ on it. My SSL VPN appliance and web server are in DMZ network. My PC is on 'inside' network. From my local computer at work, I can RDP to my web server in DMZ. I also can remote from home thru SSL VPN to my computer at work but can't RDP to web server in DMZ. I guess it's possible an ACL that I need to add into ASA but can't think of anything at this point.

My PC's IP: 10.10.12.25
My web server: 173.28.25.x (public ip)
My SSL VPN: 173.28.25.y (public ip)

Any susggestions? Thanks a lot.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
a suitably sanitised copy of the current config would be useful

Author

Commented:
Hi There,

Unfortunately, I can't post the config file up here for security purposes. I drew a visio map and hope that would help you and everyone else to understand what I'm trying to do. Please feel free to ask if it isn't clear.

Note: I put myself as a Vendor who needs to go to SSL VPN and RDP to the web server.
I understand what you are trying to do, but it would be imprudent of me to suggest ACL or NAT/PAT rule changes without knowing what the existing ACL and NAT/PAT rules are.

perhaps this might be of use for sanitising the config

http://www.experts-exchange.com/Hardware/Networking_Hardware/A_10296-How-to-sanitise-a-Cisco-config-for-Experts-Exchange.html
Commented:
Hi ArneLovius,

I appreciate your reply. I added an ACL that allows the traffic from my VPN box to DMZ and that's it. It works perfectly now. Thanks.

Author

Commented:
Found the solution myself. Thanks.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial