cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
350
Views
0
Helpful
6
Replies
Highlighted
Beginner

VPN method to be choose..

Dear All,,

Please help me to get some information for implementing VPN in ASA5500 series...

I involved in a project of integrating seven sites with ASA 5500 via VPN.My headoffice is withh ASA5512 and other branch offices having ASA5505.I need all site to be interconnected and needs to communicate each other. My head office is having Static IP and all other branch offices are with dynamic IP.

Which is the best solution that I can suggest to my client in VPN.

Please find the below details also.

ASA5505 s/w version - 8.2(5)

Licensed features for this platform:

Maximum Physical Interfaces    : 8

VLANs                                     :      3, DMZ Restricted

Inside Hosts                             : Unlimited

Failover                                    : Disabled

VPN-DES                                : Enabled

VPN-3DES-AES                        : Enabled

SSL VPN Peers                         : 2

Total VPN Peers                        : 10

Dual ISPs                                  : Disabled

VLAN Trunk Ports                      : 0

Shared License                          : Disabled

AnyConnect for Mobile                : Disabled

AnyConnect for Cisco VPN Phone : Disabled

AnyConnect Essentials               : Disabled

Advanced Endpoint Assessment   : Disabled

UC Phone Proxy Sessions             : 2

Total UC Proxy Sessions               : 2

Botnet Traffic Filter                      : Disabled


ASA5512 s/w version : 8.6(1)2

Licensed features for this platform:

Maximum Physical Interfaces            : Unlimited      perpetual

Maximum VLANs                                : 50             perpetual

Inside Hosts                                     : Unlimited      perpetual

Failover                                            : Disabled       perpetual

VPN-DES                                        : Enabled        perpetual

VPN-3DES-AES                               : Enabled        perpetual

Security Contexts                                 : 0              perpetual

GTP/GPRS                                       : Disabled       perpetual

AnyConnect Premium Peers                  : 2              perpetual

AnyConnect Essentials                      : Disabled       perpetual

Other VPN Peers                                 : 250            perpetual

Total VPN Peers                                  : 250            perpetual

Shared License                                 : Disabled       perpetual

AnyConnect for Mobile                       : Disabled       perpetual

AnyConnect for Cisco VPN Phone       : Disabled       perpetual

Advanced Endpoint Assessment         : Disabled       perpetual

UC Phone Proxy Sessions                     : 2              perpetual

Total UC Proxy Sessions                       : 2              perpetual

Botnet Traffic Filter                             : Disabled       perpetual

Intercompany Media Engine                : Disabled       perpetual

IPS Module                                       : Disabled       perpetual

Thanks & Regards,

Rinchu


1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

did you use RRI?

set reverse route to dynamic map see if it works.

Sent from Cisco Technical Support iPhone App

View solution in original post

6 REPLIES 6
Highlighted
Participant

5505 can work as ezvpn client, or just dynamic l2l also works.

Please check config guide of 5505.

Sent from Cisco Technical Support iPad App

Highlighted

Thanks Shaoqin Li

This is an option ,but my doubt is will branch to branch communication will happen in ezvpn?

Regards,

Rinchuraj

Highlighted

Hi Shaoqin,

I had done ezvpn between branch offices to head office , but branch to branch communication not happening.Is there any version compactibility there . I choose ASDM VPN setup wizard.

Please advice me....

Best Regards,

Rinchuraj

Highlighted

did you use RRI?

set reverse route to dynamic map see if it works.

Sent from Cisco Technical Support iPhone App

View solution in original post

Highlighted

I am here with attaching the running configurtaion of HQ & two Brach offices.

I can communicate from HQ to both braches but spoke to spoke  communication (Brach1-Brach2)  is not possible.

This is a sample lab setup configuration which i want to implement on my live enviornment.

In live case my braches are connected with PPoE connection.

The Address details which i am using in this lab setup is given below:

HQ:

ouside : 93.1.1.1/24

inside:172.16.10.1/24

Brach1:

outside :83.1.1.1/24

inside:172.16.20.1/21

Brach2:

outside :73.1.1.1/24

inside:172.16.30.1/21

Pls check & advice me for it..

Please find the attached link

http://sdrv.ms/14ZXaxQ

regards

Rinchuraj

http://sdrv.ms/14ZXaxQ

Highlighted

Hi Shaoqin,

Thank you for your support and I got the branch to branch communication with above attached configuration . Please advice me this configuration will work with ASA 5512  version 8.6(1)2 and 5505 8.2(5)...

Thank you one again!!!!!!

Best regards,

Rinchuraj