01-24-2018 08:02 AM - edited 03-12-2019 04:57 AM
Hello Guys,
i am facing an issue when ISP have some problems with providing me dedicated internet circuit with public ip, however i need to configure anyconnect vpn for remote users.
Is it possible to configure anyconnect if my ASA on the outside interface will have private ip which will be NATed to public on the ISP router side?
Never tried that and didn't find any documentation related to my case. What are the requirements? Where to dig? I think there could be many issues in future...
Any ideas? o_0
01-24-2018 09:04 AM
Yes this is possible, you just have to do a static nat on the ISP device for tcp 443 to the private IP on the ASA. ASA config for anyconnect is the same as you would have the public IP on the ASA.
HTH
Bogdan
01-24-2018 09:33 AM
01-25-2018 02:37 AM
I configured it a couple of times for small offices in order to be able to connect to other devices behind the ASA. Did not have any problems with the anyconnect.
If you have the possibility to have the public IP on the ASA I would say go for it, it makes troubleshooting a little more easier, but it is also a question of budget and how critical is the vpn for the business.
01-25-2018 04:01 AM
01-25-2018 06:33 AM
Thanks everyone,
that answers my question.
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide