Solved

Cisco ASA Clientless Web VPN

Posted on 2014-03-12
2
530 Views
Last Modified: 2014-03-23
I have the below scenario...
I have a Cisco ASA firewall connected to Internet via public IP.
I have a URL published in the internet pointing to hte public IP
ex abc.test.com -> 1.1.1.1

In the ASA i have configured SSL VPN to send the request to my web server.
The ASA is configured to send the request to Web Server on port 5555
10.10.10.10:5555


So whenever user browse the URL it hits the ASA & ASA sends the request to the Web server

The web server intern connects to the App Server . The communication between App & Web Server occurs on many ports.
When the Web server talks back to the Firewall what port should the Web server should use. Does it uses the port 5555 or any other port which is used between the Web & App server.
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 500 total points
ID: 39936128
When the ASA is connecting to the webserver it uses a random source port between 1025 and 65535. The destination port is 5555. When the server talks back to the ASA the destination port is the random port which was chosen by the ASA. The source port is 5555.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39949618
Thanks
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Network over eigrp 100 topology ? 3 93
Cisco router 4400 and switch connection. 27 82
VPN  services - questions and recommendations 7 59
Where is the second IP address? 8 49
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question