10-06-2017 03:14 PM - edited 03-12-2019 04:36 AM
Hi,
I have several ASA's with a /28 on a single "outside" interface.
We host individual customer servers, using private addressing, on each inside interface - ifname Company-X
We are trying to setup each company with their own AnyConnect client ssl that will be answered by one of the /28 ip addresses.
i.e. vpn.mycompany.com resolves to w.x.y.1
i.e. vpn.company-A.com resolves to w.x.y.3
ie. vpn.company-B.com resolves to w.x.y.5
etc.
I have seen some posts (circa 2012-14) indicating that this can NOT be done because there is only one ssl per interface. Others indicate that there are ways that "should work".
Has anyone actually done this?
Using what methodology?
Any assistance is greatly appreciated.
Solved! Go to Solution.
10-07-2017 11:14 AM
10-06-2017 03:54 PM
Also today, VPNs are terminated on the outside IP of the ASA. But you can use different FQDNs that point to this same address and also different certificates for each FQDN.
10-07-2017 11:14 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide