cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
configure & troubleshoot anyconnect
327
Views
0
Helpful
0
Replies
Highlighted
Beginner

Sit to Site VPN and Static Pat

My company has task me with connection two ASA 8.4 with public ip address to VPN into one another sites.

My question is I need to connect and configure two static public ip addresses to one another and test the connection between both ASA running 8.4.

I have been told that I need twice Nat the two ips to accomplish this task?

In addition, I need to configure a static Pat to allow ip public address to ports 80 and 443 for email only.

My ips are 192.168.100.5 to 192.168.100.6. they need to be static only, I sat both to security-level 100.

Right know I'm am trying to test the configurations on one of our ASA 5510 in the lab and an Extreme Network switch, before running them on our live network so far I have?

On the ASA, I configure the network object as follows:

Ethernet 0/1

nameif Test

security-level 100

ip address 192.168.100.5/30

no shut

network object obj-inmapped-192.168.100.5
host 192.168.100.5

object network obj-outmapped-192.168.100.6
host 192.168.100.6

Nat (inside, outside) source static static obj-inmapped-192.168.100.5 source static destination obj-outmapped-192.168.100.6

The Static PAT Configure

object network obj_Test01_Pat-80

host 192.168.5.129

nat (inside, outside) static interface service tcp 80 80

object network obj_Test01_Pat-443

host 192.168.5.129

nat (inside, outside) static interface service tcp 443 443

Will this work in my test bed, or do I need to add more commands statements to complete this task?

This is my first time working with ASA’s, this is a new job for me, and this could be change to prove myself to my boss.

I would be very grateful for any help.

Thanks newbie.

Everyone's tags (5)