06-15-2019 09:04 AM
Hi everybody;
We want to configure Cisco's anyconnect service to offer around 50 VPN employees to connect to our offices. The problem with what you can see in the topology is that employees must point to one of our Public IP's to link to our datacenter. The question is, if the ASA is below in the topology that I show you, how to configure properly so that users can connect correctly via VPN?
06-15-2019 09:51 AM
Not a perfect setup for the ASA ... I would set it up AnyConnect VPN the following way:
06-15-2019 10:56 AM
Thank you, to be clear, for router 1 is this enough configuration to implement this?:
Router 1:
interface GigabitEthernet0/0
description Outside interface
ip address 2.2.2.2 255.255.255.248
ip nat outside
interface GigabitEthernet0/1
description Inside interface
ip address 192.168.23.2 255.255.255.248
ip nat inside
ip nat inside source static esp 192.168.23.10 interface gigabitEthernet 0/0
ip route 0.0.0.0 0.0.0.0 2.2.2.3
ip nat inside source list 1 interface GigabitEthernet0/0 overload
06-15-2019 11:31 AM - edited 06-15-2019 03:30 PM
You configuration implies that you don't have a dedicated IP for this? Then the forwarding depends on the ASA config:
06-15-2019 11:56 AM
Hi,
i don't dedicated Public IP Address, it's the same for the internet traffic of my company.
Kind regards.
06-15-2019 03:31 PM
Not perfect but it will work. Just do a NAT/PAT for the ports as mentioned.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: