cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
99
Views
0
Helpful
1
Replies
sendalot7
Beginner

Can ASA5505 forward remote-access-VPN clients to LAN

I currently have ASA-5505 and 2911-Router and I'm trying to configure VPN topology.

Can ASA5505 forward remote-access-VPN clients to LAN operated by a different router?

Are these two cases possible?:

(1) ASA-5505 and 2911-Router are on separate WAN interfaces, each directly connected to ISP. But then can I connect one of other LAN interfaces of ASA-5505 into a switch managed by 2911-Router to inject remote-SSL-VPN clients into the LAN managed by the router?
(2) ASA-5505 is behind 2911-Router. Can 2911 Router assign a public ip address or have public ip address VPN-access attempts directly be forwarded to ASA-5505 when there is only one public ip address available?
Long put short, can ASA-5505 inject its remote-access-VPN clients as one of hosts on the LAN managed by 2911-router?
Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Raja Periyasamy
Beginner

I could help you more if you can explain the purpose of this setup and the connectivity between the ASA and router.

You can enable reverse-route on the Dynamic map on the ASA. The ASA will install a static route for the client on the routing table. You can use a Routing protocol to redistribute the static routes to your switch on the LAN side of the ASA.

 

View solution in original post

1 REPLY 1
Raja Periyasamy
Beginner

I could help you more if you can explain the purpose of this setup and the connectivity between the ASA and router.

You can enable reverse-route on the Dynamic map on the ASA. The ASA will install a static route for the client on the routing table. You can use a Routing protocol to redistribute the static routes to your switch on the LAN side of the ASA.

 

View solution in original post