11-29-2013 10:11 AM
Hi,
We want to test the following scenario for remote access users.
- One main office is hosting servers behind ASA 5585 firewall
- another branch office is located within the same city in a short distance, but connected via metro ethernet link to the main office ( no internet link exists in branch )
- Users from branch office needs to connect to main office servers placed behind the firewall
- Security considerations set by the subsidary say that the users in branch office must use a vpn client for authentication to the servers & not directly access the servers
Can we configure remote access vpn in the main office ASA , knowing that there is no internet link in branch office & the users at branch will be using metro ethernet link between the two offices to connect to vpn?
Appreciate all help. Thanks in advance
11-29-2013 11:04 AM
AFAIK there should not be any issues in creating EzVPN or Site to Site VPN provided we have underlying layer 2 and layer 3 correctly configured.
what constraints make you feel this is not possible, could you please provid the topology wth devices(hardware and ip addressing)
11-29-2013 11:25 AM
Thanks.
I was thinking over as branch users will metro ethernet connection to login to vpn at main office & whether setting up remote vpn is possible over metro ethernet links.
I have attached a very basic flow of the required network connectivity.
Branch users : VPN Pool - 10.10.10.1-10.10.10.20
Cisco ASA 5585 interface : 172.16.30.1 ( interface facing application/inside portion )
Cisco ASA 5585 interface : 10.59.25.x/27 ( interface facing branch users over metro ethernet )
Main office also has token servers for users to authenticate when they connect to the applications.
Please suggest on this. Appreciate all inputs.
12-02-2013 09:27 AM
Gurus,
Is it possible to run remote access vpn for users over metro ethernet, as the users will be logging in to the HQ using remote access vpn over metro ethernet link.
This metro ethernet link connects the HQ with the branch office.
Appreciate response on this. Thanks.
Message was edited by: sunny thomas
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide