cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
743
Views
0
Helpful
3
Replies
Highlighted
Beginner

ASA VPN hairpinning (one interface)

I am in need of some help. I currently need help setting up an ASA to terminate a site to site VPN using just one interface. I believe I can get this configured using hairpinning but wanted to see if anyone had experience configuring an ASA with VPN in this way. 

I am currently running version 8.4.3  Here is a diagram of how I need the ASA to be configured.

                ^^^^^^^^

               ( internet )

                vvvvvvv

                     |

                     |

                     |

                   --------

                 | router |

                   --------

                      |

                      |

  _____        |

|   ASA   |----|

  ---------        |

                      |

                ___|__

               | switch |

                ----------

                     | | |

                     | | |

                    /  |  \

                  /    |    \

                /      |      \

     ---------     ---------    ----------

    |  SRV  | |  SRV  | |  SRV  |

     ---------     --------     ----------       

-pablo

Everyone's tags (3)
3 REPLIES 3
Beginner

ASA VPN hairpinning (one interface)

Diagram didnt quite come out like i wanted but hopefully you get the point.

Thanks

ASA VPN hairpinning (one interface)

Hello,

You can use the subinterface and vlan concept to implement this

Instead of using physical interface for outside and inside, you can connect your physical interface to switch and configure that as a trunk to pass internet vlan and inside vlan, then configure interface vlan's on asa for outside and inside interface

https://learningnetwork.cisco.com/thread/10502

this might help

regards

Harish

Beginner

ASA VPN hairpinning (one interface)

Thanks, I look into that.

-pablo