Link to home
Create AccountLog in
Avatar of Atouray
Atouray

asked on

Allow remote VPN client connecting to on premises to acess Azure cloud server.

Am assign to configure a VPN that will interconnect both my premises Cisco ASA and Azure cloud series with side to site VPN which I have achieve. Secondly On the azure cloud server to only allow my premises Public IP network from IIS which is working fine.

My challenge is how to allow does connected remotely using Cisco VPN point to site client to connect to my premises network and then access our azure cloud server.

Your support is highly appreciated

Thank you.
Avatar of John
John
Flag of Canada image

You need to provide Static IP for site to site VPN to work properly. Where you have dynamic IP addressing (that is, not-Static), look at the services provided by DynDNS to provide the appearance of Static IP to the VPN setup.
Avatar of asavener
If your dynamic VPN uses a different IP pool from your main site, then you need to add the IP pool to the tunnel settings for the Azure connection (at both your premises  and on the Azure side).
ASKER CERTIFIED SOLUTION
Avatar of Michael Ortega
Michael Ortega
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of Atouray
Atouray

ASKER

My issues is not about dynamic IP. the issues am facing is how to access the Azure could server by connecting to on premises network remotely using Cisco VPN client knowing that only my on premises Public IP is allowed on the cloud.
So you want to hairpin the VPN traffic to go back out the outside interface?

What version is your ASA running?

Here are configuration examples for 9.x:  http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100918-asa-sslvpn-00.html
Atouray,

Please see my post. That should allow you to do what you need.

MO