11-17-2015 10:45 PM - edited 02-21-2020 08:33 PM
Hello Team,
IS it necessary to give public IP on firewall physical interface connected to ISP for anyconnect VPN in ASA5585.
or we have configure physical interface connected with ISP with local IP address.
and anyconnect VPN as accessable on internate by public IP given at VPN configuration time.
if configurable please suggest.
Thanks & Regards,
Prem Prakash
11-18-2015 01:00 AM
Hi Prem,
As long as Anyconnect client has connectivity to your ASAs interface IP, there should not be any issue.
In case you have private IP on ASA's interface and ISP is providing you public IP, make sure port 443 is open for the connection.
i.e. publick IP:443 should be statically natted to private IP:443
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
11-18-2015 03:10 AM
Hello Dinesh
Thanks for Reply.
is ASA Local interface untrust ip 10.115.5.1/30 directly connected to Router 10.115.5.2/30
And i have to static nat 10.115.5.1 with Public ip 14.24.125.5 on same asa
and anyconnect client use 14.24.125.5 for connecting VPN.
Please suggest
Regards,
Prem
11-18-2015 06:32 AM
Prem,
The static NAT would need to be configured on the router, not the ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide