Solved

Cisco ASA 5505 VPN accessing Inside and DMZ VLAN

Posted on 2013-11-17
Last Modified: 2013-11-23
We have a terminal that people are accessing via a VPN into the Cisco ASA. The IP address of the TS is 192.168.16.2 (ASA 192.168.16.254). Works fine (users get allocated a 192.168.200.x IP address via VPN). However, a site that the users go to is on the same subnet. Thought of getting around it by using a second NIC in the TS, configuring it as 192.168.100.1, setting up a DMZ VLAN in the ASA. Also through TS Host, have configured it for lower colour depth, etc. etc. They then can VPN in and access the tserver on 192.168.100.1. I have set it up but cannot access the terminal server on this address. The TS can ping the gateway okay (192.168.100.254). I have included a copy of the config and a diagram of how it is to be set up.

Thanks,

Attachments: Diagram of setup; VPN-Mulitple-Vlans-Conf.txt
Question by:greentriangle
Expert Comment

by:btassure
ID: 39655723
If I understand this correctly you have a number of remote users who all need to access a terminal server which has (had?) a single IP on the 192.168.16.0 network. This is the same subnet as the remote site.

I assume that because it was working you were tunnelling all traffic over the VPN which in turn prevented the remote users from being able to see the 192.168.16.0 network at their site?

If all of the above is correct, would it not be possible for you to only tunnel the IP of the terminal server? Assuming it is not in use and required at the remote site?

Failing all of that have you checked the TS config to ensure it is actually listening on the new NIC's IP address? Depending on how it was built it might not be set to listen for connections on all IPs...

Author Comment

by:greentriangle
ID: 39655814
Hi. The terminal server is configured as 192.168.16.2. Unfortunately, there is also a server at the remote site with the same IP address, hence the reason for setting up a different address for the TS (192.168.100.1). The NIC is listening okay on 192.168.100.1 and has been configured under TS Host configuration for the external RDP on that IP address.

Accepted Solution

by:greentriangle
ID: 39656115
Hi there. Problem has been resolved so all good. Cheers!

Author Closing Comment

by:greentriangle
ID: 39671036
Fixed internally