Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
565
Views
1
Helpful
1
Replies

WebVpn Deployment

MARTIN HUERTER
Level 1
Level 1

‎05-22-2012 07:28 AM

I will be moving our ASA 5520 firewall/VPN appliance to a new location in our network. In the near future I would like to split the firewall and VPN functions to two seperate ASA 5520's, but for now I am keeping them together. My question is, I would rather put an RFC 1918 IP Address on the inside and outside ASA interfaces? The interfaces connect in and out of the same router (aka firewall on a stick) and the router will be doing the forwarding and receiving packets, just simple static routes for packets to be sent in then back out of the firewall/VPN box. The way the ASA is currently deployed, it has public IP Addresses assigned to the outside interface in order for off site users to remote VPN in to our enterprise network (i.e. webvpn.college.edu = 100.100.100.1 public IP). Is there anyway to configure the WebVpn URL's for a public IP Address, but leave the outside interfaces non-routables?

I need to add, the 100.100.100.1 (not the real address) public IP Address is the one assigned to the outside interface of our ASA and is the same address that equals to http://webvpn.college.edu.

Labels:
0 Helpful
1 Reply 1

Christopher Bell
Level 4
Level 4

‎06-19-2012 06:46 AM

I'm going to assume you are using NAT on the router rather than the ASA?  If so, it sounds like all you wout have to do is NAT the "outside" interface of the firewall to a public IP that is translated on the router.  Is there a reason why you don't want to give the ASA a public IP?

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card