Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
341
Views
0
Helpful
1
Replies

Single asa5510, two public IPs for WebVPN

simh
Level 1
Level 1

‎05-06-2013 07:52 AM

We have an asa5510 running as an SSL VPN gateway using one public IP address (e.g. 1.1.1.1) as the target IP address for the users.

Now we need to run a 2nd public IP address on the same asa5510 as target IP address for a different set of users, e.g. 2.2.2.2.

NAT is not working, secondary IP address is not possible, sub-interface is not the right way.

Does anyone see a way? Is this really not possible?

Thanks for any comment.

Labels:
0 Helpful
1 Reply 1

Nikhil Thakur
Cisco Employee
Cisco Employee

‎05-06-2013 05:22 PM

Hey,

You can try this out:

  • Create a new interface, let's say 'Outside2' and configure it with the second public IP address.
  • Enable WebVPN on the 'Outside2' interface and configure it the same way existing outside interface is configured for SSL VPN.

For all the TCP to-the-box connections, you should be able  to establish a connection to both the interfaces irrespective of the  the default route.

This should work!

HTH!

Regards,

Nick

P.S. If you find this post helpful, please rate the post and mark it as 'Answered'.

0 Helpful
Customers Also Viewed These Support Documents