Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1771
Views
0
Helpful
10
Replies

Remote VPN with 5 Inside Networks

Go to solution
ThomasMull9000
Level 1
Level 1

‎01-10-2012 11:08 PM

Hello I have Cisco asa 5505 Security Adaptive

Here is My Sceniorio

ASA

Outside Interface  Eth0/0 -  155.155.155.x

Inside Network -  Eth0/1  192.168.1.1

Eth0/2          192.168.2.1      

Eth0/3          192.168.3.1

Eth0/4          192.168.4.1

Eth0/5          192.168.5.1

VPN POOL ADDRESS =   10.10.10.1  ---- 10.10.10.10

So iam using Shrew Soft VPN Software  , so i want to access all these networks by a remote VPN Access , so please can any one give me a helpfull refer or link , or give an idea how i can route this networks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andrew.prince
Level 10
Level 10
In response to ThomasMull9000

‎01-11-2012 05:27 AM

Sorry I might be confusing the issue here is your ASA config actually:-

Outside Interface  Eth0/0 -  155.155.155.x

Inside Network -  Eth0/1  192.168.1.1

Eth0/2          192.168.2.1     

Eth0/3          192.168.3.1

Eth0/4          192.168.4.1

Eth0/5          192.168.5.1

??

if so - then there is no need to a layer 3 device, the ASA can be the Payer 3 device if all the above networks are directly connected.

View solution in original post

0 Helpful
10 Replies 10

Go to solution
andrew.prince
Level 10
Level 10

‎01-10-2012 11:59 PM

Just configure a normal remote client VPN, the Shrewsoft VPN client works very well with the ASA.

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to andrew.prince

‎01-11-2012 12:52 AM

Thank's Andrew

So here i created a Remote VPN - and i give IP pool similiar to my First network 192.168.1. 10   -20

So i can reach only for the first network of 192.168.1.0

So how i can reach all other 4 networks

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ThomasMull9000

‎01-11-2012 01:43 AM

You just need to define the IP subnets in the split tunnel list if you have configured one, or they should already be reachable if you have configured tunnel all.  And you must make sure the ASA has a route to the layer 3 device handling the other subnets, and the other subnet devices have the layer 3 routing device as the default gateway.  The layer 3 device also needs a route for the 10.10.10.z subnet is via the ASA.

HTH>

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to andrew.prince

‎01-11-2012 05:21 AM

Thank's Andrew This is what iam lookin for .so i need to put a Cisco Layer 3 Switch , and add a static route for the asa .

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to ThomasMull9000

‎01-11-2012 05:22 AM

Please can you refer me , a link of how layer 3 and asa work togher

Thank You very much

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ThomasMull9000

‎01-11-2012 05:27 AM

Sorry I might be confusing the issue here is your ASA config actually:-

Outside Interface  Eth0/0 -  155.155.155.x

Inside Network -  Eth0/1  192.168.1.1

Eth0/2          192.168.2.1     

Eth0/3          192.168.3.1

Eth0/4          192.168.4.1

Eth0/5          192.168.5.1

??

if so - then there is no need to a layer 3 device, the ASA can be the Payer 3 device if all the above networks are directly connected.

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to andrew.prince

‎01-11-2012 05:40 AM

Goood ..Thanks

So only thing i need is to get a license that supports more vlans

becuase my current license supports only 3 Vlans DMZ restricted

so in order to create all this networks i have to get security plus license that allows me to create 20 vlans

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ThomasMull9000

‎01-11-2012 05:54 AM

Yes - and to be honest if you also had a spare switch lying around with layer 3 routing capability that would work just as well.  As long as you have unlimited inside hosts...

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to andrew.prince

‎01-11-2012 11:30 PM

i got today a new CISCO LAYER 3 Switch .. so here is my scenrio

Cisco Asa 5505

I

Outside  == 155.155.155.x

Inside  =      192.168.7.1

VPN POOL Address =   10.10.10.1   -   10.10.10.20

Layer 3 Switch Config

Vlan 2

interface ip address =  192.168.1.1

Vlan 2

interface ip address =  192.168.2.1

Vlan 2

interface ip address =  192.168.3.1

Vlan 2

interface ip address =  192.168.4.1

Vlan 2

interface ip address =  192.168.5.1

ip Routing

So i want My Remote Access VPN clients to access all this Networks. So Please can you give me a helpfull trick or Link to configure the rest of my routing

Thanks You very Much Andrew

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ThomasMull9000

‎01-12-2012 12:02 AM

the interface that connects to the asa should be in a vlan. Then create all the other vlans that you need so

***ASA***

Vlan 7

192.168.7.254/24

Route inside 192.168.0.0/16 q192.168.7.240

***Switch***

Vlan 7

192.168.7.240/24

Vlan 1

192.168.1.240/24

Vlan 2

192.168.2.240/24

Vlan 3

192.168.3.240/24

Vlan 4

192.168.4.240/24

Vlan 5

192.168.5.240/24

Ip default-gateway 192.168.7.259

ip addresses etc are just an idea, but you get the idea.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents