Re: Remote Access VPN Termination

acharyr123 · ‎05-03-2010

Hi,

Inetrnet is terminating on my internet router having public ip. Inetrnet Rouetr is connecting with FWSM which is on private ip. Internet Router doesn't support crypto (we can't upgrade the iOS also because of some issues).

My question is: can i configure VPN in my FWSM & do some thing on the Internte Router?

Kindly suggest.

Jon Marshall · ‎05-03-2010

acharyr123 wrote:
Hi,
Inetrnet is terminating on my internet router having public ip. Inetrnet Rouetr is connecting with FWSM which is on private ip. Internet Router doesn't support crypto (we can't upgrade the iOS also because of some issues).
My question is: can i configure VPN in my FWSM & do some thing on the Internte Router?
Kindly suggest.

The FWSM does not support remote access VPN termination, it is a firewall only.

Jon

acharyr123 · ‎05-03-2010

I believe I can do it on FWSM. It's accepting all the crypto commands.

Rgds,

Partha

Federico Coto Fajardo · ‎05-03-2010

Partha,

As Jon mentioned, the FWSM is only a Firewall and not a VPN endpoint.

Are you sure you're entering the crypto commands in the FWSM module?

Federico.

acharyr123 · ‎05-03-2010

Yes. I can configure all crypto commands in FWSM.

Jon Marshall · ‎05-03-2010

The reason you can enter the commands is because you can use a vpn to manage the FWSM itself however you cannot use the FWSM to terminate VPNs for data traffic from users.

Jon

Jennifer Halim · ‎05-03-2010

Jon and Federico are absolutely correct. You can only terminate VPN on FWSM to manage the FWSM itself. If you need to terminate VPN on CAT6500 for data traffic, you would need to have VPN SPA (SPA-IPSEC-2G) module.