[c-nsp] VPN traffic to the Internet ... (ASA)
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Mon Sep 7 04:54:17 EDT 2009
Hi,
> > What am I missing here?
your ASA cannot be that IP - so is probably just dropping
those packets as invalid... what you need to do is set up a
proxy (eq squid) on your internal network that has an address
within the 'allowed IP range' and then configure the ASA to
use that proxy - your mobile clients can then use that
proxy to get access to that address. ... .. but you may need
to check eg licencing to see if they're allowed to access
that resource when off your site (why is it protected to just
that IP address range in the first place? :-) )
alan
More information about the cisco-nsp
mailing list