05-28-2011 04:35 AM
I need an advice with my vpn design.
I have two cisco ASA 5505 devices and two cisco switches plugged to ASAs in each office. I need to create a VPN tunnel between two offices.
Network behind the ASA1 in office1 is 192.168.1.0/24 with DHCP server – 192.168.1.10
Networks behind the ASA2 in office2 are 192.168.5.0/25; 192.168.5.128/26 and 192.168.5.192/26
All computers in office2 need to get IPs from DHCP server 192.168.1.10. I have switch in office2 with 3 VLANS and I can assign computers from different subnets to different VLANs.
How can I archive this goal? Should I assign 3 IPs for ASA2 inside interface (192.168.5.1, ...5.129, ...5.193) as a default gateways for each subnet? Should I put dhcp helper address 192.168.1.10 on the switch for each VLAN?
05-31-2011 03:00 AM
Any suggestion?
05-31-2011 04:42 AM
hi,
the first thing is your DHCP server is on a different subnet in office 1.
Secondly you can configure dhcpd command and make the ASA to work as a dhcp server.
What i would suggest is to create dhcpd commands on both ASA where the second office ASA will carry 3 different dhcpd configs which will automatically assign IP to their respective clients.
dhcpd dns XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
dhcpd ping_timeout 100
dhcpd address XXX.XXX.XXX.XXX-XXX.XXX.XXX.XXX inside
dhcpd enable inside
once you have achieved that part then create a tunnel between the 2 ASA and assign appropriate ACls for connectivity.
Thanks
05-31-2011 05:02 AM
Then I need 3 different default gateways for each subnet.
How can I assign 3 different IPs for inside interface of the cisco ASA? I use asa 5505 base license.
Thanks,
05-31-2011 05:50 AM
Maybe u could try creating a seperate or one more vlan on the switch with 2-3 ports and assign vlan X to it. This will act as a trunk port.
on the ASA create the vlan X and that will server as your gateway. Connect your ASA to the vlan X.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide