AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of Atouray
Atouray
 asked on

Allow remote VPN client connecting to on premises to acess Azure cloud server.

Am assign to configure a VPN that will interconnect both my premises Cisco ASA and Azure cloud series with side to site VPN which I have achieve. Secondly On the azure cloud server to only allow my premises Public IP network from IIS which is working fine.

My challenge is how to allow does connected remotely using Cisco VPN point to site client to connect to my premises network and then access our azure cloud server.

Your support is highly appreciated

Thank you.
VPNCiscoCloud Computing
Avatar of undefined
Last Comment
Michael Ortega
8/22/2022 - Mon
John
You need to provide Static IP for site to site VPN to work properly. Where you have dynamic IP addressing (that is, not-Static), look at the services provided by DynDNS to provide the appearance of Static IP to the VPN setup.
asavener
If your dynamic VPN uses a different IP pool from your main site, then you need to add the IP pool to the tunnel settings for the Azure connection (at both your premises  and on the Azure side).
ASKER CERTIFIED SOLUTION
Michael Ortega
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Atouray
ASKER
My issues is not about dynamic IP. the issues am facing is how to access the Azure could server by connecting to on premises network remotely using Cisco VPN client knowing that only my on premises Public IP is allowed on the cloud.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
asavener
So you want to hairpin the VPN traffic to go back out the outside interface?

What version is your ASA running?

Here are configuration examples for 9.x:  http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100918-asa-sslvpn-00.html
Michael Ortega
Atouray,

Please see my post. That should allow you to do what you need.

MO
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent