This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote SSL VPN to gain access to server on other side of Site to Site VPN

Trying to figure out how to get my SSL VPN users to gain access to a remote server on the other side of a site to site vpn.

SSL VPN users ---> ASG F/W ---> inside network
10.242.2.0 xx.xx.xx.xx 192.168.200.x (fictitious)

This works fine but now I need to add access to a remote server.
I have a site to site vpn between 2 cisco asa devices in order to get to a server say with an address of 192.168.100.100. I route all traffic on my inside network 192.168.200.x going to 192.168.100.100 from the ASG F/W to my Cisco ASA and get to the remote server fine.

But the SSL VPN users are not part of the 192.168.200.x subnet but are part of the 10.242.2.0. If I add in the SSL VPN ip range to the encryption domain of the site to site vpn... how do I add routes to the end user's ssl session?

This thread was automatically locked due to age.

0 Scott_Klassen over 11 years ago

By using the Local Network box at Remote Access>>SSL.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 11 years ago

Hopefully, Scott's instruction will get you there. I had a complete article on exactly this topic in the old Astaro KnowledgeBase. Unfortunately, it hasn't been brought over, and all there is on the Sophos site is: How to reach a remote ipsec network via openssl user on Astaro Security Gateway

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 bfulford over 11 years ago

That was it, just totally glossed over that box thinking there had to be more to it.
Cancel
Vote Up 0 Vote Down

Cancel