Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
940
Views
0
Helpful
3
Replies

IPSEC VPNS outer firewall, ipsec ras vpn on inner firewall same outside address

ciscokiddy
Level 1
Level 1

‎03-14-2021 06:34 AM

Hi,

I initially had a number of ipsec vpns functioning correctly on an outer firewall and an SSL ras vpn terminating on an inner firewall all pointing/terminating on the same outside address on the outer firewall.

 

Due to a design change the RAS vpn must be changed to ipsec. Can i get this to work using the same outside ip address surely there would be a conflict with ports etc. Any help appreciated. 

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎03-14-2021 08:02 AM

@ciscokiddy 

Yes it sounds like you'd have a conflict

Why not carry on using SSL-VPN? As long as you use TLS/DLTS 1.2 and the strongest ciphers you should be secure.

0 Helpful

ciscokiddy
Level 1
Level 1
In response to Rob Ingram

‎03-15-2021 01:15 PM

Hi Rob,

Thanks for taking the time to reply, however the security policy dictates IPsec only.

 

Regards

 

0 Helpful

Rob Ingram
VIP
VIP

‎03-15-2021 01:30 PM

@ciscokiddy Well either move all VPNs to the inner firewall, nat the traffic and disable ike on the outer firewall. Or get another IP address on the outer firewall and nat the traffic to the inner firewall.

0 Helpful
Customers Also Viewed These Support Documents