Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
799
Views
3
Helpful
2
Replies

Remote Access VPN. Atypical scenario?

jose.corchero
Level 1
Level 1

‎05-16-2011 03:34 AM - edited ‎02-21-2020 05:20 PM

Hi,

We have the following scenario:

INTERNET
|
|
|
|
ISP INTERNET ROUTER
|  (192.168.1.1)
|
|
|
|
|  outside(192.168.1.2)
ASA
| inside
|
|
|
|
Client network

The customer has a /29 public addressing pool that resides in the ASA. Dynamic NAT/PAT and Static NAT are working fine.

When I try to configure Remote Access VPN I don't know which interface to assign as Tunnel interface because Outside uses private addressing and there is no nat beetwen Isp router and ASA.

Is there any option to configure Remote Access VPN in this scenario or should I change the addressing of Router-ASA Link to public ip addresses?

Thanks!

Labels:
0 Helpful
2 Replies 2

jonathanaxford
Level 3
Level 3

‎05-16-2011 03:40 AM

Hi Jose,

The remote access VPN endpoint will need to be a publicy routable IP address if you wish clients to be able to connect to it.

In most scenarios I have seen, the link between your ASA and the router would be publicly addressed, allowing you to terminate the VPN on the ASA itself.

I am not sure how you would get around it otherwise, especially if the router is the ISP's and not yours.

Many thanks

Jonathan

jose.corchero
Level 1
Level 1
In response to jonathanaxford

‎05-16-2011 06:40 AM

Thanks Jonathan

0 Helpful
Customers Also Viewed These Support Documents