[fw-wiz] ASA 5510 problem



I have a Cisco ASA 5510 with an External, Internal, and DMZ
interfaces. I have a mail server in the DMZ and I have configured
the ASA so that I can get to it internally an externally, however,
when I log in using the IPSEC VPN I cannot connect.

The internal address range is 192.168.100.0/24
The dmz address range is 192.168.200.0/24
The VPM pool range is 10.10.10.10/24

I have mappings internally to so that any 192.168.100 host can
connect to the mail server at 192.168.200.25, but the VPN access
issue has me flummoxed.

Cisco has examples of VPN or DMZ, bit nothing with info on both.

Any pointers would be greatly appreciated.



Thanks,
Zeke

--
James "Zeke" Dehnert
mailto:jdehnert@xxxxxxxxxxxxxxxxxx
Phone: +1 707.546.6620 x602 Fax: +1 707.324.8043
"Life is racing, everything else is just waiting"


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Firewall and DMZ topology
    ... If the MAIL server is in the DMZ. ... >able to sniff all the traffic on the internal side of the firewall, ... >>The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
    (Security-Basics)
  • Re: [fw-wiz] ASA 5510 problem
    ... Can you post snippets of the configuration? ... I have a Cisco ASA 5510 with an External, Internal, and DMZ ... when I log in using the IPSEC VPN I cannot connect. ...
    (Firewall-Wizards)
  • Re: Best practices for internal/external servers
    ... Add another network interface to the ... >> mail server and connect it to the DMZ switch. ... >behind a firewall (NAT routing and inbound VPN). ...
    (comp.mail.imap)
  • RE: Email server+network architecture
    ... There doesn't have to be ONE DMZ. ... "internal" mail server. ... Communications with 'customer data' are not permitted ... permit smtp/POP3 to all users outside, and this does not meet the 'no ...
    (Security-Basics)
  • Re: Firewall and DMZ topology
    ... Tha basic idea is that the firewall will ... So the LAN will be isolated ... from the DMZ ... ... > If the MAIL server is in the DMZ. ...
    (Security-Basics)