Recent content by boymarty24

Attached a simple layout. So VPN networks have to travel through the 800 router. As you said Brent i assume a full DMZ will do this the best way but how exactly. http://www.dataphone.se/~martyboy/network.jpg

Hi, Yes i know. They have shipped a configured router for access to their network. The WAN public IP is one of ours ( not beeing used of course ) but the LAN side is as i said a public network ( .252 ) The Public IP on the LAN side is NOT ours but something the configured. So on the cisco...

Hi! We have a customer with one ASA5505 base license. They are going to get connected to another company by VPN. This company is very strict about who´s connecting so instead of using the ASA as VPN device they have configured and shipped a cisco 800 router. This router is configured with a...

Brent, That makes sense! Thanks for you answers

Hi! Can someone give me a good explanation why you should use outbound access-lists instead of inbound. Example. I want to restrict inside users to only use http and https. As i understand you can use inbound on inside interface or/and outbound on outside interface. I have always used...

I solved it. Added a global outside and now it works like a charm. Thx buddy!

Hi, I have no problems getting the vpn tunnel to work but the clients on the remote network don´t have any internet access. I assume it has something to do with NAT at the HQ side but i can´t figure it out.

Thx, How should the crypto ACL look like at HQ? access-list 101 extended permit ip 1.1.1.1/24 2.2.2.2/24 or?

I assume i need to disable all NAT at my remote asa and change the VPN acl to ANY.

Hi, I am about to configure a site to site VPN between to ASA. I have no problem setting up the tunnel but i want one ASA to use the HQ ASA as internet gateway. I know this is possible but i havent tried it yet. Any ideas anyone? If you got any information on Ciscos homepage it would be...

Don´t put your vpn-pool on the same subnet as your local lan. Chose a different subnet for the vpn-pool. Your nat exempt looks weird. It should be something like this access-list no_nat extended permit ip "local lan" "vpn pool"

Have you added a bookmark with FTP?

I have done some more testing and i am getting mixed results. The polices work 100%. The host scan checks 5 different registry and filechecks. Firefox works but when i use the RDP plugin i can´t use swedish characters. With IE it works 100%

Sorry typo. I meant i CAN post the result here when i have done some more testing =D

As unclerico says it shouldnt touch your LAN. You can try disabling the proxy ARP for the inside interface but thats just a longshot