04-21-2016 05:49 AM
Hi,
Is it possible to create remote access logins for multiple users and connect to site-to-site tunnels for multiple tunnels in the same ASA?
All users will be able to go to all tunnels or be restricted to a specific tunnel.
04-21-2016 10:05 AM
Hello,
After reading your post, I would like to clarify some things.
Site-to-Site VPN is used to connect two peers, for example Firewall-to-Firewall, Router-to-Router, Firewall-to-Router, while Cisco AnyConnect, on the other hand, is used to connect clients from anywhere to the internal network.
In Site-to-Site VPN you do not choose users; you only choose the two peers that need to establish a connection. In the crypto map you can specify what they can have access to. This is usually good to use if users are being connected from one office to the other. Make sure to use correct NAT and follow the same Encryption, Authentication, Diffie-Hellman group, and Hashing, and also to mirror the access lists between the two sites.
Cisco AnyConnect is used if the client is connecting from his laptop/computer from anywhere to access company resources. If you are using this type of VPN you can create a group policy and put the users you want in it (you can create users in the local database, or use an authentication server with RADIUS), and just reference the same group policy in each AnyConnect VPN you create. You can also install the Cisco AnyConnect software remotely on the client stations by having them access the link you provide (I advise you to check the CCNA Security Guide to see the process; it is clearly indicated).
Hope this helps,
Best Regards,
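
An added example, not part of the original reply: a small Python check that two site-to-site peers use the same encryption, authentication, Diffie-Hellman group and hashing, and that their crypto access lists mirror each other. The ACL name, addresses and proposal values are constructed sample data, and only the `permit ip <net> <mask> <net> <mask>` ACE form is handled.

```python
import ipaddress
import re

# Constructed sample crypto ACLs, one per peer (not taken from the thread).
SITE_A_ACL = """\
access-list S2S extended permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list S2S extended permit ip 10.1.0.0 255.255.0.0 10.3.5.0 255.255.255.0
"""
SITE_B_ACL = """\
access-list S2S extended permit ip 10.2.0.0 255.255.0.0 10.1.0.0 255.255.0.0
"""

# Constructed tunnel parameters per peer; the key names are this example's own.
SITE_A_PROPOSAL = {"encryption": "aes-256", "authentication": "pre-share",
                   "dh_group": 14, "hash": "sha256"}
SITE_B_PROPOSAL = {"encryption": "aes-256", "authentication": "pre-share",
                   "dh_group": 5, "hash": "sha256"}

# Matches only the network/mask form; host, any and object forms are not handled.
ACE = re.compile(
    r"access-list\s+\S+\s+extended\s+permit\s+ip\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")


def parse_acl(text):
    """Return the set of (source, destination) networks in the ACL text."""
    pairs = set()
    for line in text.splitlines():
        m = ACE.match(line.strip())
        if m:
            src = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
            dst = ipaddress.ip_network(f"{m.group(3)}/{m.group(4)}")
            pairs.add((src, dst))
    return pairs


def unmirrored(local_text, remote_text):
    """Local entries that have no reversed (dst, src) entry on the remote peer."""
    remote = parse_acl(remote_text)
    return sorted((s, d) for s, d in parse_acl(local_text) if (d, s) not in remote)


def proposal_mismatches(a, b):
    """Parameters whose values differ between the two peers."""
    return {k: (a.get(k), b.get(k))
            for k in sorted(set(a) | set(b)) if a.get(k) != b.get(k)}


if __name__ == "__main__":
    for src, dst in unmirrored(SITE_A_ACL, SITE_B_ACL):
        print(f"site A entry {src} -> {dst} has no mirror on site B")
    print("proposal mismatches:", proposal_mismatches(SITE_A_PROPOSAL, SITE_B_PROPOSAL))
```
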
04-21-2016 10:12 AM
Hi,
Thanks.
But we already have a solution hosted in a third-party datacenter, with 1 firewall end with site-to-site from our office and another set of firewalls leading to the clients' network.
I would like to drop this into one firewall with dual authentication using AD and soft token for remote access, and in turn the hairpin connection to the client will have site-to-site from the same ASAv.
Is it possible for the user connecting with client VPN to connect to the client tunnel through the same firewall without a transit firewall in between?