cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
645
Views
3
Helpful
3
Replies

remote vpn over ethernet

suthomas1
Level 6
Level 6

Hi,

We want to test the following scenario for remote access users.

- One main office is hosting servers behind ASA 5585 firewall

- another branch office is located within the same city in a short distance, but connected via metro ethernet link to the main office ( no internet link exists in branch )

- Users from branch office needs to connect to main office servers placed behind the firewall

- Security considerations set by the subsidary say that the users in branch office must use a vpn client for authentication to the servers & not directly access the servers

Can we configure remote access vpn in the main office ASA , knowing that there is no internet link in branch office & the users at branch will be using metro ethernet link between the two offices to connect to vpn?

Appreciate all help. Thanks in advance

3 Replies 3

anisaini
Level 1
Level 1

AFAIK there should not be any issues in creating EzVPN or Site to Site VPN provided we have underlying layer 2 and layer 3 correctly configured.

what constraints make you feel this is not possible, could you please provid the topology wth devices(hardware and ip addressing)

Thanks.

I was thinking over as branch users will metro ethernet connection to login to vpn at main office & whether setting up remote vpn is possible over metro ethernet links.

I have attached a very basic flow of the required network connectivity.

Branch users : VPN Pool - 10.10.10.1-10.10.10.20

Cisco ASA 5585 interface : 172.16.30.1 ( interface facing application/inside portion )

Cisco ASA 5585 interface : 10.59.25.x/27 ( interface facing branch users over metro ethernet )

Main office also has token servers for users to authenticate when they connect to the applications.

Please suggest on this. Appreciate all inputs.

Gurus,

Is it possible to run remote access vpn for users over metro ethernet, as the users will be logging in to the HQ using remote access vpn over metro ethernet link.

This metro ethernet link connects the HQ with the branch office.

Appreciate response on this. Thanks.

Message was edited by: sunny thomas