VPN passthrough ASA?

N3t-Guy
Level 1

Hello,

 

A vendor is trying to set up a site to site to site VPN connection from their network to an internal router on our network. They have a Juniper router on each side with our ASA in between. I have set up a public IP that is NATed to the IP address of the Juniper device inside our network. I've also set up an ACL allowing the two public IPs they will be coming from and allowing UDP 500, 4500, TCP 22 and ESP. They are unable to get the tunnel to come up and I believe it may have to do with NAT traversal, but I'm not sure what I need to do to enable the traffic to pass through. I've also tried it without the ACL and with an ACL that allows Any, just for testing. Our ASA is a 5515-X.

 

Any help would be appreciated!!

2 Replies

balaji.bandi
Hall of Fame

vsurresh
Level 1

To me, it looks like you did all the work on the ASA. As long as the NAT is correctly configured, there shouldn't be an issue. Did the vendor check the logs on the Juniper? You can also do a packet capture on the ASA interface facing the internal router and provide it to the vendor.

 

Regards

Suresh
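The setup described in the question and the capture suggested in this reply, written out as an added ASA CLI example; it is not from either poster. The interface names (`inside`, `outside`), the object, ACL and capture names, and every address (documentation and private placeholders) are assumptions, and post-8.3 NAT syntax is assumed, where the ACL references the real inside address rather than the public one.

```cisco
! Assumed placeholders: 198.51.100.1 = vendor peer, 203.0.113.10 = public IP,
! 10.10.10.2 = Juniper behind the ASA. Repeat the ACL lines for the second vendor IP.

! One-to-one static NAT. ESP has no ports, so it needs a static mapping,
! not PAT, unless both peers negotiate NAT-T (UDP 4500).
object network JUNIPER-INSIDE
 host 10.10.10.2
 nat (inside,outside) static 203.0.113.10

! Inbound ACL on the outside interface, written against the real (inside) address.
access-list OUTSIDE-IN extended permit udp host 198.51.100.1 host 10.10.10.2 eq isakmp
access-list OUTSIDE-IN extended permit udp host 198.51.100.1 host 10.10.10.2 eq 4500
access-list OUTSIDE-IN extended permit esp host 198.51.100.1 host 10.10.10.2
access-list OUTSIDE-IN extended permit tcp host 198.51.100.1 host 10.10.10.2 eq ssh
access-group OUTSIDE-IN in interface outside

! Confirm the translation exists and the ACL entries are taking hits.
show nat detail
show xlate
show access-list OUTSIDE-IN

! Simulate an inbound IKE packet; the destination is the public (mapped) address.
packet-tracer input outside udp 198.51.100.1 500 203.0.113.10 500

! Capture both sides of the ASA. The outside capture matches the public address,
! the inside capture matches the real address. "match ip" covers IKE, NAT-T and ESP.
capture CAP-OUT interface outside match ip host 198.51.100.1 host 203.0.113.10
capture CAP-IN interface inside match ip host 198.51.100.1 host 10.10.10.2

! Have the vendor retry the tunnel, then compare the two captures.
show capture CAP-OUT
show capture CAP-IN

! Remove the captures when finished.
no capture CAP-OUT
no capture CAP-IN
```

Packets that appear in `CAP-OUT` but not in `CAP-IN` point at the ASA's NAT or ACL; packets that reach `CAP-IN` with no reply from 10.10.10.2 point at the Juniper or the routing behind it.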
