Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1212
Views
0
Helpful
2
Replies

IPSEC VPN on inside interface

Go to solution
Mokhalil82
Level 4
Level 4

‎10-16-2019 03:33 AM - edited ‎02-21-2020 09:46 PM

Hi

 

I need to setup an internal IPSEC VPN to a peer that is sitting internally over our MPLS. The traffic needs to be encrypted for business purposes.

 

Can I build a VPN on the inside interface of the ASA, so traffic that needs to go over the VPN comes in on the inside interface, then the VPN tunnel is established over the same interface. 

 

The ASA already has external VPNs established over the outside interface.

 

TIA

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
#Mat
Level 6
Level 6

‎10-16-2019 05:34 AM

Hi! Yes, it is possible. You have to use same-security-traffic permit intar-interface and check the interest traffic, nat, route, acl and enable Ike/ipsec on the inside interface.

 

Regards.

 

HTH

.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎10-16-2019 04:51 AM

Hi,
I wouldn't have thought so. Could you not move the MPLS on to another interface of the ASA, therefore traffic would be routed from inside interface and out from the MPLS interface, no reason why that would not work.

HTH
0 Helpful

Go to solution
#Mat
Level 6
Level 6

‎10-16-2019 05:34 AM

Hi! Yes, it is possible. You have to use same-security-traffic permit intar-interface and check the interest traffic, nat, route, acl and enable Ike/ipsec on the inside interface.

 

Regards.

 

HTH

.
0 Helpful
Customers Also Viewed These Support Documents