Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
3
Replies

Configuring the cisco 5505 as a VPN server thats behind a ISP router

musclemania05
Level 1
Level 1

‎06-28-2018 07:40 AM - edited ‎03-12-2019 05:25 AM

I'm having issues with setting up the cisco 5505 as a VPN sever to view my LAN network that's behind a ISP router(hughesnet ht2000). Some of the limitations I have with this ISP router is that it doesn't have bridge mode capabilities, there no static IP unless you have a business account, which I have at one of my location but my other location is residential and I need remote access to both though. Both receive IPs via DHCP from the internet.

 

On the cisco 5505 I put outside interface in DHCP and inside in the 192.168.1.0/24 network.

I set up access rules for the incoming/inbound request to outside and inside interfaces. 

I set up nat rules to map inside network to outside. I'm not sure though if I need to set up nat rules to map outside to inside?

 

Please see attachment/picture below of what I'm trying to accomplish and network setup.

 

cisco_vpn.PNG

Labels:
Preview file
176 KB
0 Helpful
3 Replies 3

Dennis Mink
VIP Alumni
VIP Alumni

‎06-28-2018 04:48 PM

the only way I can see going about this is to have a port forward for ESP and port 500 on the hughes router, forwarding to your ASA. so VPN can actually terminate on it and the remote end pointing to the public IP address of the hughes router. 

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

musclemania05
Level 1
Level 1
In response to Dennis Mink

‎06-28-2018 06:31 PM

I have a buisness static IP for one of sites of 72.X.X.X/32 but when trying to set the Outside Vlan on the ASA to this it wont accept it cause when I try to enter a subnet of 255.255.255.255 it gives me a error? Also when I do the port forwarding on the hughesnet do I port forward it to the inside interface LAN (192.168.1.1) on the ASA?

 

Other questions I have? 

1. Do I still need acl rules for port forwarding on the ASA side?

2. Do I need a nat rule that maps the outside to the inside?

3.Do I need to specify a default route for the outside vlan? if so the only default gateway for the wan side on the hughesnet is 100.X.X.X its nothing similar to the static IP of 72.X.X.X? 

 

0 Helpful

Pawan Raut
Level 4
Level 4
In response to musclemania05

‎06-28-2018 11:32 PM

You have to do port forwarding on WAN router interface to ASA Outside interface IP

0 Helpful
Customers Also Viewed These Support Documents