RAVPN and data traffic on FMC

KayaaKashyap · ‎12-12-2023

Can we configure data traffic and RAVPN traffic on same interface of FTD?

If Yes, Please share supportive document.

thanks !

Rob Ingram · ‎12-12-2023

@KayaaKashyap of course you can, that's how it work. You just enable RAVPN on the outside/external which can be the same interface for normal user data traffic.

https://www.cisco.com/c/en/us/support/docs/network-management/remote-access/212424-anyconnect-remote-access-vpn-configurati.html

KayaaKashyap · ‎12-12-2023

So for my understanding, please give your input. here I will explain my requirement:

FTD outside interface will connect to SDWAN cloud and internal network will get internet from there only.

On same interface(outside) of FTD I can configure RAVPN. Right?

MHM Cisco World · ‎12-12-2023

No problem' only make SDWAN use PAT 1:1 for port 443 from there public IP to your private FTD IP.

This make anyconnect in internet access your FTD uisng public IP of sdwan.

MHM

Rob Ingram · ‎12-12-2023

@KayaaKashyap does the FTD outside interface only connect to the SDWAN cloud? Or does the FTD have a public/routable IP address and can the FTD access the internet directly? If so you then yes, just NAT outbound internet traffic and enable RAVPN on the outside interface for Remote Access.

MHM Cisco World · ‎12-12-2023

Sure Yes friend
the Outside can use to make Internal host access Internet
and also to make Anyconnect access Internal subnet
MHM

Marius Gunnerud · ‎12-12-2023

As long as the FTD has a reachable public IP you can configure RAVPN on that interface, Data traffic passes on the interface just the same. If the FTD has a private IP connected to the SDWAN then you would need to configure NAT on the internet gateway device to forward SSL traffic between a public IP and the FTD private IP.

--
Please remember to select a correct answer and rate helpful posts