Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2628
Views
0
Helpful
5
Replies

Routable VPN Between ASA and Windows RRAS

Jason
Level 1
Level 1

‎02-03-2014 02:53 PM

Hi all,

I'm trying to figure out the best way to create a routable VPN between my production network and a small DR server that I have colo'd offsite.

On the production side I have an ASA 5515-X (10.1.0.0/23) and on the DR side I have a Windows Server 2012 R2 server running RRAS, DHCP, NAT, and Hyper-V.  The DR server has a virtual environment with a subnet of 10.5.0.0/24 behind NAT (diagram attached for a visual).  I've seen some tutorials online for how to create a routable VPN between the two, some utilizing the Windows Advanced Firwall to create an IPSec tunnel.  So far, I've not been able to get the tunnel to come up.

Before I spend even more time trying to troubleshoot this, I was wondering what the best way to create a secure connection between these two subnets is and if anybody has done something similar successfully.

Thanks,

Jason

Labels:
Preview file
38 KB
0 Helpful
5 Replies 5

ESOSOLUTIONS
Level 1
Level 1

‎03-24-2014 10:43 AM

Did you have any success with your setup?  Thanks, PW

0 Helpful

Jason
Level 1
Level 1
In response to ESOSOLUTIONS

‎03-24-2014 10:55 AM

None yet, I've been stuck on this for a while now.  My latest attempt caused the DR site to go offline and required hands-on at the colo site to get it back online due to a bad ipsec policy, so I've backed off a bit on trying things.

0 Helpful

grandisle
Level 1
Level 1
In response to Jason

‎10-02-2014 07:11 AM

I am looking into the exact setup you are currently trying (or tried) to implement.  Did you have any luck?

Any words of wisdom and/or tips/tricks?

Thanks!
RR

0 Helpful

Jason
Level 1
Level 1
In response to grandisle

‎10-02-2014 07:49 AM

I've given up trying to make it work at this point.  I'm definitely interested in getting this to work still.  If I see any suggestions, I'm happy to guinea pig it :)

 

Thanks,
Jason

0 Helpful

aluis
Level 1
Level 1

‎10-26-2016 01:17 AM

Hello,

I had this problem myself right now. I didn't find any answer from Cisco's site, I'm going to post the one that I found on Microsoft site:

https://blogs.technet.microsoft.com/networking/2015/12/27/windows-server-2012-r2-vpn-interoperability-with-cisco-asa/

In the document says: "Cisco ASA being an End-Of-Line product, the OS update for these devices seem unlike". Well this information had helped me 2 weeks ago when I order the ASA firewall and choose another option.

I will try to implement the solution and tell you how it goes.

0 Helpful
Customers Also Viewed These Support Documents