Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
445
Views
0
Helpful
4
Replies

Forward traffic VPN

pdara0001
Level 1
Level 1

‎07-01-2014 07:36 PM

Dear all, Someone is experience with forward port VPN. I mean I have one Cisco router and
behind the route i have ASA 5510. then I want to configure VPN remote access,but I want to configure on ASA 5510, so I want to forward traffic VPN that income to Cisco router , to forward ASA 5510. My  question is , it is possible to do that ? and if it can, please guide me how to do it.
I really thank for your help in advance.

Labels:
0 Helpful
4 Replies 4

nkarthikeyan
Level 7
Level 7

‎07-01-2014 10:12 PM

Hi Pdara,

Yes that is possible. does you firewall outside interface is configured with public IP? if so then everything is a reqular VPN configuration... If your firewall outside interface is configured with private then you have to NAT it to some public IP on the router. So that you will be able to establish VPN connection using ASA.

 

Regards

Karthik

0 Helpful

pdara0001
Level 1
Level 1
In response to nkarthikeyan

‎07-02-2014 08:33 AM

Hi nkarthikeyan,
 

outside interface don have public IP. it is private ip, but on interface 2921 cisco router is IP public.
yeah configure NAT. but please show me the configuration of to do that ?? i really appreciate it if you could show me some to make concept. thank.

 

0 Helpful

nkarthikeyan
Level 7
Level 7
In response to pdara0001

‎07-02-2014 09:08 AM

Hi Pdara,

 

On the ASA end you don need to do anything special.... your vpn configuration would be same.....

 

192.168.1.1(Inside)<ASA>(outside)172.16.1.1----172.16.1.2(inside)<Router>(outside)1.1.1.1/29-----Internet Cloud-----2.2.2.2(outside)<Customer Router>(Inside)10.0.0.1

 

On router:

 

You can have Static NAT to the ASA outside interface IP with public IP say 1.1.1.2

So 172.16.1.1 is translated and visible in public network as 1.1.1.2.

ip nat inside source static 172.16.1.1 1.1.1.2

!

int gig (outside)

ip nat outside

!

int gig (inside)

ip nat inside

!

On ASA you can configure everything as usual with vpn settings..... If your router filters traffic then make sure that VPN ports are allowed UDP 500,4500, 10000, esp etc whatever is needed....

 

Regards

Karthik

 

 

 

0 Helpful

pdara0001
Level 1
Level 1
In response to nkarthikeyan

‎07-02-2014 10:50 AM

Dear nkarthikeyan

i really appreciate with your explaining clearly to me. and i think this one give me know
alot with routing and concept NAT.

0 Helpful
Customers Also Viewed These Support Documents