Hello Dave: <snip> > Hello all, first time poster, please be gentle... > > I have a client scenario that I can't work out in the lab for a few > days, hoping someone here might already know if it is possible or not. > > I have a client with an ASA5505, base license, currently utilizing the > "restricted" VLAN to provide access to the internet only, across the > "outside" interface. Is it possible to make a VPN connection from the > restricted VLAN via (I assume) the "outside" interface, and gain > connectivity to the "inside" interface across said VPN? I've been able > to do similar things with IOS routers in the past, I just can't nail > down from the documentation if this would be allowed on an ASA > utilizing > the included restricted VLAN. Thanks in advance for any insight. > > Regards, > > dtb <snip>
What do you mean by restricted VLAN? The inside and outside, let's call them VLAN 1 and VLAN 2, should both work unrestricted. The restricted VLAN is the third VLAN you would use for a DMZ. If you go with the two regular VLAN's then you will be able to establish VPN connectivity from outside to inside with no technical difficulties. You may, however, have licensing restrictions if you're attempting to do SSL-based VLAN's. Regards, Mike _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/