Hi Segun My comments inline.
With regards Kings On Fri, Oct 16, 2009 at 10:04 AM, 'Segun Daini <[email protected]> wrote: > Hi King, > > You cannot telnet to the interface with lowest security level on ASA. > > <kings> sysopt connection permit-vpn should take care of it right? > To telnet to the inside interface, create a static nat of the ip to > outside. And permit access to it on the outside interface. > > <kings> If I configure static, the mapped IP should also be interesting > traffic of the IPSec VPN, if I need to access inside through VPN. With VPN, > I get the access to the inside network without the need of static right? > Then to access the inside interface, is static rule neccessary? > > Regards > > ------------------------------ > *From:* Kingsley Charles <[email protected]> > *To:* [email protected] > *Sent:* Fri, October 16, 2009 5:30:47 AM > *Subject:* [OSL | CCIE_Security] Telnet across IPSec connection > > Hi all > > I am trying to telnet from the IOS router which is the remote IPSec peer to > the outside and inside interface of the ASA. But the Telnet fails. > > > The VPN tunnel is UP. > > The following are configured: > > sysopt connection permit-vpn > > access-list mine permit ip any any > access-group mine in interface outside > > telnet 0.0.0.0 0.0.0.0 outside > telnet 0.0.0.0.0 0.0.0.0 inside > > What is preventing me to telnet? > > > > > > With regards > Kings > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
