This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing DMZ from VPN

Hello, I have a problem with Cisco VPN on UTM 9.2.

There is a internal Network, a DMZ with a web server and the VPN Pool.

Reaching the Internal Network or the internet is no problem from the VPN.

But when trying to reach the Webserver, the utm forwards the packets to the internet. In allowed Network the dmz network is also present.

I tried a policy route, not working.

Any ideas?

thanks
Michael

This thread was automatically locked due to age.

Parents

0 BarryG over 10 years ago

Hi, maybe a bad SNAT, MASQ, or uplink balancing rule?

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 10 years ago

Hi, maybe a bad SNAT, MASQ, or uplink balancing rule?

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 mik_01 over 10 years ago in reply to BarryG

Hi Barry,

you were right. When I disabled the masquerading rule from vpn to outside, it worked. Traceroute the ip showed 2 hops. The traffic goes first to the address of the outside interface (where its masked with the masquerading rule enabled) and then to the web server in the dmz, don't know why?

BTW: The Webserver is secured by Webserver Protection, but I pinged the DMZ IP.
Thanks,
Michael
Cancel
Vote Up 0 Vote Down

Cancel