Solved

Cisco ASA Clientless Web VPN

Posted on 2014-03-12
Last Modified: 2014-03-23
I have the below scenario...
I have a Cisco ASA firewall connected to the Internet via a public IP.
I have a URL published on the Internet pointing to the public IP,
e.g. abc.test.com -> 1.1.1.1

In the ASA I have configured SSL VPN to send the request to my web server.
The ASA is configured to send the request to the web server on port 5555:
10.10.10.10:5555

So whenever a user browses the URL, it hits the ASA and the ASA sends the request to the web server.

The web server in turn connects to the app server. The communication between the app and web server occurs on many ports.
When the web server talks back to the firewall, what port should the web server use? Does it use port 5555 or any other port which is used between the web and app server?
0
Question by:SrikantRajeev
2 Comments
 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 1500 total points
ID: 39936128
When the ASA is connecting to the webserver it uses a random source port between 1025 and 65535. The destination port is 5555. When the server talks back to the ASA the destination port is the random port which was chosen by the ASA. The source port is 5555.
0
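
The port behaviour described in the accepted answer, shown on a loopback TCP connection as an added example (not part of the original thread). Assumptions: the client socket stands in for the ASA, the listener for the web server, and an OS-assigned listening port stands in for 5555; the ephemeral port range is whatever the local OS uses.

```python
import socket
import threading


def observe_flow(server_port=0):
    """Open one TCP connection on loopback and return the (src, dst) port
    pair of the request and of the reply, as seen by each endpoint."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind(("127.0.0.1", server_port))  # 0 = let the OS pick (stand-in for 5555)
    listener.listen(1)
    listen_port = listener.getsockname()[1]
    seen = {}

    def serve():
        conn, peer = listener.accept()
        with conn:
            seen["server_local"] = conn.getsockname()  # where the reply is sent from
            seen["server_peer"] = peer                 # where the reply is sent to
            conn.sendall(conn.recv(16))                # reply on the same connection

    worker = threading.Thread(target=serve, daemon=True)
    worker.start()
    with socket.create_connection(("127.0.0.1", listen_port), timeout=5) as client:
        client.sendall(b"ping")
        echo = client.recv(16)
        seen["client_local"] = client.getsockname()    # ephemeral source port
        seen["client_peer"] = client.getpeername()     # fixed destination port
    worker.join(timeout=5)
    listener.close()
    return {
        "listen_port": listen_port,
        "request": (seen["client_local"][1], seen["client_peer"][1]),
        "reply": (seen["server_local"][1], seen["server_peer"][1]),
        "echo": echo,
    }


if __name__ == "__main__":
    flow = observe_flow()
    print("request  src=%d dst=%d" % flow["request"])
    print("reply    src=%d dst=%d" % flow["reply"])
```

The reply is the request's port pair reversed, which is what a stateful firewall matches return traffic against; connections the web server opens to the app server are separate flows with their own port pairs.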
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39949618
Thanks
0

Question has a verified solution.
