Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
395
Views
0
Helpful
6
Replies

Configure ASA for dedicated connection to main office and to the Internet

AMcMillon
Level 1
Level 1

‎03-18-2016 11:13 AM - edited ‎03-12-2019 12:30 AM

Currently, our ASA 5512 is configured to route outbound traffic to the Internet and I need to be able to configure an additional uplink to a dedicated connection.  I have been using NAT for inbound access to servers over the current uplink.  Now, I need to add a second connection that will be a dedicated link to our main office.  I may still need to use NAT for inbound access over the Internet uplink; but, will not need to use NAT for the dedicated connection. 

 

Thanks,

 

Anthony McMillon

Labels:
0 Helpful
6 Replies 6

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-18-2016 04:55 PM

Hi Anthony,

You can use policy-based routing for routing the traffic through the other link as you do not need NAT for the dedicated connection:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/config-guides/cli/general/asa-94-general-config/route-policy-based.pdf

Regards,

Aditya

Please rate helpful posts.

0 Helpful

Marius Gunnerud
VIP
VIP

‎03-19-2016 12:51 AM

I didn't really see a question in your post.  What is the issue you are facing?

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

AMcMillon
Level 1
Level 1
In response to Marius Gunnerud

‎03-19-2016 05:12 AM

I just wanted some guidance on setting up the appliance to use a dedicated connection for communication to the main office as well as an Internet connection for allowing acces to remote desktops and possibly remote access for management. 

0 Helpful

Marius Gunnerud
VIP
VIP
In response to AMcMillon

‎03-19-2016 05:48 AM

This second connection, what type of traffic will be going over it? is it just traffic to the main office?  Does the main office and remote office have different configured subnets?

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

chhayheng
Level 1
Level 1

‎03-19-2016 08:24 AM

Hi AMcMillon,

From my understand.

It is possible.

1. If the additional dedicate link is VPN. From the source to destination will lookup in your routing table, so it will route to main office.
2.  You can apply remote vpn internet interface.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/vpn/asa_91_vpn_config/vpn_ike.html

Best Regards,
Chhayheng

0 Helpful

Marius Gunnerud
VIP
VIP
In response to chhayheng

‎03-20-2016 08:52 AM

The VPN itself isn't an issue, but this will require static routes to work, so if there are some clients that will be accessing internet or other dynamically assigned addresses over the VPN then this will need to be taken into consideration.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card