Solved: Re: SSL VPN Between ASA's

jpdeboer1 · ‎03-28-2018

Hi,

We have some customer networks when IPSEC VPN tunnels are blocked by a firewall. Now its quite hard to request to open up these ports, as they are just not willing to do this.

Now SSL VPN's are mostly not blocked as its over port 443. I dont think its possible, as the SSL VPN functionality on ASAs is a client/server relationship. But is there a solution to have a SSL based VPN between two asa's?

How about changing the port for IPSEC VPN, there is a global command to do this, but can this also be done on a per peer basis?

Thanks in advance!

Br,

Jan Pieter de Boer.

Mohammed al Baqari · ‎03-28-2018

I am afraid that you don't an option here. IKE will run on UDP 500 and
can't be modified. SSL VPN as you mentioned is client server and can't be a
solution for site to site

View solution in original post

Mohammed al Baqari · ‎03-28-2018

I am afraid that you don't an option here. IKE will run on UDP 500 and
can't be modified. SSL VPN as you mentioned is client server and can't be a
solution for site to site

jpdeboer1 · ‎04-05-2018

Thank you for your time and reply, thats what i thought. They will just need to open up the firewall for this IPSEC service.