VPN between ASA and Router

moussa.malqui1 · ‎02-02-2017

Hi all,

I have a VPN between 2 sites between 2 routers, in my LAN i have a router and firewall ASA, what i should configure between ASA and Router in my LAN ? my archetecture as following:

thanks in advance,

Regards,

MM

Kanwaljeet Singh · ‎02-02-2017

Hi MM,

It all depends what is your requirement. Do you want traffic between ASA and your LAN router encrypted or you want that your LAN be default gateway of ASA and send every traffic it receives from ASA via VPN?

If you want VPN, then you can establish VPN between ASA and router but since it is in your LAN/network itself, you can simply route the traffic to router for it to go through VPN or otherwise depending upon routing.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

moussa.malqui1 · ‎02-03-2017

i wanna just to link ASA to router without VPN because it's in my LAN, what is the configuration i should put ?

Mohammed al Baqari · ‎02-02-2017

Hi,

I believe you are using ASA in routed mode and your LAN gateway is ASA (for 10.10.10.x/24 subnet). If this is correct, then you need to configure /30 (for example) subnet between ASA and your router for ASA to send the traffic to router which intern forward the traffic over VPN tunnel. Same thing, the router will forward received traffic to ASA when sends it (if allowed) to your LAN.

Now this can be become more complicated if you decide to create zones on ASA and subnet interfaces on the router. Additional layer of complexity if your router to be configured for multi-vrf model.

In short, it allow depends on your requirements but /30 subnet is the simplest step.