cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1051
Views
0
Helpful
4
Replies

VPN setup Question

Aalto_SysAdmin
Level 1
Level 1

Currently my ASA 5505 is setup using our WAN address from ISP for outside interface and vpn. Our ISP is changing the WAN block but not the what they call the Lan block.. It is outward facing not a private ip space. My question is how to I use the IP's in the Lan block for use in the VPN. Do I create NAT statements since the 8 ips they gave are routed across my wan IP? Little help here is appreciated. 

4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

I am not sure if I understand the question but if you are referring to ssl VPN, you would need to use an IP on the external site (Internet) for vpn and not internal.  Ssl vlan is for remote users to log in to a network using a public IP/name. If this is already in place, after changing the IP, you would need to change DNS as well.

HTH

We currently have 1 wan IP and 8 lan side IPs from AT&T. Current setup is using the WAN IP from AT&T which is in 12.247.7x.xxx. This what the outside interface is setup on and also the vpn. We have 8 lan side from AT&T 12.202.13x.xxx /28.  My question is to use and ip in the space from the lan side for vpn do I need to create a NAT statement since that network is routed at the ISP router to our outside address?

Since the IPs are public and provided by the ISP, there is no need for NAT.

HTH

 

The original poster keeps referring to using an IP supplied by the provider for vpn. I am not clear what he means. Is this vpn a site to site vpn? or is it a remote access vpn? In what way do they want to use the provider public IP for vpn? Perhaps if we understood this we might be able to give better answers.

 

HTH

 

Rick

HTH

Rick
Review Cisco Networking for a $25 gift card