Cisco VPN: Design/Security question
Posted on 2013-05-31
I have a Design/Security question to ask about CIsco VPN Implementation:
In my cpmpany the current VPN solution is not configured so that clients connected to the VPN are reached from within the company's internal network. So that means, once the client is connected to the company network via VPN the client can initiate a connection to any device within the internal company network, but a server in the internal network cannot initiate a connection with a client that is connected via VPN session.
Is this normal implementation ?
Also, is there a security reason for implmenting VPN solution this way ?
In order to change this will there be changes made to VPN and Firewall configuration to routing and tunnelling settings so that servers on the internal network can talk to clients connected via VPN.
Will ther be any changes made to the AnyConnect client etc ?