Dear all,
Our company has 3 branch offices, all of them with internet connections using Cisco ASA5505 V.8.2(5). Now we have purchased a non-internet VPN line from the ISP to interconnect the branch offices to the head office.
Now we need to converge the internal network, the internet network and the VPN network on the ASA5505 firewall.
After the following configuration we get a connection from the head office to the branch office VPN interface (i.e. HQ -----> Branch Office "VPN" interface only) and an internet connection,
but from the branch office the head office inside network (Branch Office ----> HQ "inside") is not accessible; of course we can access the head office VPN interface.
Here is a sample config.
ASA Version 8.2(5)
!
Omitted
!
name 192.168.195.0 branch1
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
 switchport access vlan 10
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.145.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 192.168.120.254 255.255.255.0
!
interface Vlan10
 nameif vpn
 security-level 0
 ip address 192.168.100.2 255.255.255.0
!
ftp mode passive
dns server-group DefaultDNS
 domain-name
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
!
Omitted
!
object-group service DM_INLINE_SERVICE_2
 service-object ip
 service-object icmp
 service-object icmp echo
 service-object icmp echo-reply
 service-object udp
 service-object tcp
 service-object tcp-udp eq www
 service-object tcp eq domain
 service-object tcp eq echo
 service-object tcp eq ftp
 service-object tcp eq www
 service-object tcp eq https
 service-object udp eq www
 service-object udp eq tftp
object-group network DM_INLINE_NETWORK_1
 network-object branch1 255.255.255.0
object-group service DM_INLINE_SERVICE_3
 service-object ip
 service-object icmp
 service-object icmp echo
 service-object icmp echo-reply
 service-object tcp eq 5938
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any any
access-list vpn_access_in extended permit object-group DM_INLINE_SERVICE_2 any any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu vpn 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
global (vpn) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
access-group outside_access_in in interface outside
access-group vpn_access_in in interface vpn
route outside 0.0.0.0 0.0.0.0 192.168.120.1 1
route vpn branch1 255.255.255.0 192.168.100.1 1
!
Omitted
!
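As an added example (not the poster's configuration), the 8.2-syntax fragment below shows the two things a reader comparing against the config above would check: an identity NAT between inside and vpn, since inside hosts in the posted config only match the dynamic PAT (nat (inside) 1 / global (vpn) 1) and a connection arriving from vpn cannot create a dynamic translation, and a vpn ACL scoped to the branch prefix instead of the posted DM_INLINE_SERVICE_2, whose first entry "service-object ip" already permits all IP from any source. The names NO_NAT_INSIDE_VPN and BRANCH_TO_HQ are assumed; the addresses are the ones in the post.

```cisco
! Added example, ASA 8.2 syntax. Object names are assumed, addresses come from the post.
!
! 1. Identity (no-NAT) for inside <-> vpn. nat 0 with an access-list is evaluated
!    before nat 1, so Internet-bound traffic still PATs to the outside interface.
!    The branch ASA needs the mirror image for its own inside subnet.
access-list NO_NAT_INSIDE_VPN extended permit ip 192.168.145.0 255.255.255.0 branch1 255.255.255.0
nat (inside) 0 access-list NO_NAT_INSIDE_VPN
!
! 2. Replace the vpn interface ACL with one limited to the branch prefix, the
!    inside subnet and the services actually needed. Remove the posted ACE first:
!    no access-list vpn_access_in extended permit object-group DM_INLINE_SERVICE_2 any any
object-group service BRANCH_TO_HQ
 service-object icmp echo
 service-object icmp echo-reply
 service-object tcp eq www
 service-object tcp eq https
 service-object tcp eq domain
 service-object udp eq domain
access-list vpn_access_in extended permit object-group BRANCH_TO_HQ branch1 255.255.255.0 192.168.145.0 255.255.255.0
access-group vpn_access_in in interface vpn
!
! 3. Verify a branch-initiated flow: the NAT phase should show the identity
!    translation and the ACCESS-LIST phase should match BRANCH_TO_HQ.
packet-tracer input vpn tcp 192.168.195.10 1025 192.168.145.10 80
```

If the flow is still dropped, the syslog to look for on the HQ ASA is 305005 ("No translation group found"), which points at the NAT side rather than the ACL.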