cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1005
Views
0
Helpful
3
Replies

ASA VPN hairpinning (one interface)

pvalenzue
Level 1
Level 1

I am in need of some help. I currently need help setting up an ASA to terminate a site to site VPN using just one interface. I believe I can get this configured using hairpinning but wanted to see if anyone had experience configuring an ASA with VPN in this way. 

I am currently running version 8.4.3  Here is a diagram of how I need the ASA to be configured.

                ^^^^^^^^

               ( internet )

                vvvvvvv

                     |

                     |

                     |

                   --------

                 | router |

                   --------

                      |

                      |

  _____        |

|   ASA   |----|

  ---------        |

                      |

                ___|__

               | switch |

                ----------

                     | | |

                     | | |

                    /  |  \

                  /    |    \

                /      |      \

     ---------     ---------    ----------

    |  SRV  | |  SRV  | |  SRV  |

     ---------     --------     ----------       

-pablo

3 Replies 3

pvalenzue
Level 1
Level 1

Diagram didnt quite come out like i wanted but hopefully you get the point.

Thanks

Hello,

You can use the subinterface and vlan concept to implement this

Instead of using physical interface for outside and inside, you can connect your physical interface to switch and configure that as a trunk to pass internet vlan and inside vlan, then configure interface vlan's on asa for outside and inside interface

https://learningnetwork.cisco.com/thread/10502

this might help

regards

Harish

Thanks, I look into that.

-pablo

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: