03-06-2013 07:09 PM - edited 03-11-2019 06:10 PM
Is it recommended to place my ASA before the router? I want to terminate all of my VPN traffic on my router. So it would be Internet -> ASA -> router -> users
Thank you
Sent from Cisco Technical Support iPhone App
03-06-2013 08:13 PM
Hello Peter,
Well, you can make it happen but my question would be:
Why wont you use the ASA to both terminate the VPN connections and protect your network?
Regards,
03-07-2013 08:53 AM
there is an requirement to terminate on the router (3845). Do I need to give the router public IP or private IP?
03-07-2013 11:21 AM
Hello Peter,
Gotcha, public IP address as that is where the other say should point as the VPN peer,
Let me know if you have any questions
Check your private messages
03-09-2013 06:49 PM
How can I allow the VPN traffic through the ASA and terminate on the router? Is this possible?
Internet -> ASA -> Router -> User
Sent from Cisco Technical Support iPhone App
03-09-2013 08:22 PM
Hello,
Yes, you can.
Just allow the right protocols and layer 4 ports,
If it's an IPSec tunnel:
UDP 500 (Isakmp)
ESP ( Protocol 50)
AH( Protocol 49)
Regards,
Julio Carvajal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide