Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1277
Views
4
Helpful
1
Replies

VPN Termination IP address

Dumpster Eightyeight
Level 1
Level 1

‎06-19-2013 07:43 AM - edited ‎03-11-2019 07:00 PM

Hi,

I am pretty sure that you can't do this in previous versions and don't think it has changed in version 9.X but though I would check in with the community before righting the idea off completely.

We are an ISP that does Managed Services, I am looking at a way too ultimately conserve IP addressing so for our managed firewall customers we want to have a private p2p subnet between the ISP PE router and the ASA firewall and then we can configure /32 static routes on the PE as and when the customers need public IP addresses. As I'm sure most of you know this will work fine for outbound dynamic and inbound static NAT's.

Can anyone confirm that in version 9.X whether there is anything we can do when it comes to l2l vpns (webvpn/Anyconnect as well but mainly IPsec l2l), can we use one of these routed public IP addresses to terminate a IPsec VPN?

I hafve lab'd it up in GNS3 on 8.4 and can't see a way of doing it, I have also seen a couple of posts online that say you can't do it either although nothing about 9.X.

Thanks in advance

Labels:
0 Helpful
1 Reply 1

andyjames
Level 1
Level 1

‎06-19-2013 08:54 AM

Hello,

Not seen anything about it in release notes and you'd think it would get a mention if you could do it. Wish they would find a way to do it though, have the same problem and have to NAT the VPN through to a router behind the ASA, bit messy but it works.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card