cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
889
Views
0
Helpful
1
Replies
Highlighted
Beginner

Secondary Public IP for AnyConnect and IPSec terminations on ASA5505

Can anyone point me to a document or tell me how to use a secondary public IP on the External interface of an ASA to terminate both the AnyConnect and IPSec clients.  I have a /29 block and the primary IP is mapped on 443 to an OWA server behind the ASA.  Currently I have AnyConnect listening on 4443, but users aren't remembering the port so we want to utilize one of our other available public IPs.  I also want to move IPSec to the new IP so we can have one FQDN for both VPN client terminations.

Everyone's tags (5)
1 REPLY 1
Highlighted
Beginner

Secondary Public IP for AnyConnect and IPSec terminations on ASA

This is what we are going to do is:  Since the VPN Clients have to terminate on the ASA primary addresses and it appears we can’t change that termination to a secondary IP,  we are going to move the current OWA access on primary IP:443 to the secondary IP address:443 via the static NAT mapping.  We will  also remove the port 4443 configuration from the webvpn configuration and let it default to 443.