Can't access Cisco ASA 5510 by public IP behind Internet router - Page 2

wscis2012 · ‎02-06-2012

We need to deploy a Cisco ASA 5510 behind the Internet facing router for Remote Access VPN (RAVPN). We bought the block of 16 IPs (in a different subnet) which is routed through the main router (69.x.x.x)and configured the outside interface of ASA with a public IP 64.x.x.x and subnet mask 255.255.255.240. Below is the network structure.

But, we can't access the ASA by it's public IP. Please suggest.

DSL Modem → RV082 router → Switch → LAN

(69.x.x.x) ↑ (192.168.0.0)

Cisco ASA 5510

(outside: 64.x.x.x, inside: 192.168.0.172)

mvsheik123 · ‎02-07-2012

Thanks for the update Supriya. Based on your update, it sounds like RV082 provided and managed by ISP. You know your network requirement better than anyone- but if possible, I would replace the router with ASA. So ASA will be your Internet and RAVPN gateway as well. One device to manage and more security. You can even use the existing IP block without any addl ip block.

Thx

MS

Julio Carvajal · ‎02-07-2012

Hello Supriya,

Yeap, looks like MS advise is a great option here, so you can elaborate the port-forwarding on the ASA, and this will start proxy arping the Global ip addresses on the NAT.

If you want to leave the network the way it is you will need to provide to the outside interface ASA an ip address of 69.x.x.x.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC