03-03-2009 11:48 AM
Hi All,
I have an ASA 5510 that uses the OUTSIDE interface for Internet access and it uses a separate interface called VPN to accept VPN connections. This is working fine because the ASA has a default gateway pointing to the OUTSIDE interface and static routes pointing to all the Site-to-Site tunnels through the VPN interface.
Now, the problem is that I need to allow remote access VPN connections to the ASA.
I cannot connect with a VPN client to the ASA without knowing before-hand the public IP address where the client is coming from because there's no route through the VPN interface to that client. If I configure a static route through the VPN interface for the VPN client, then it works. Obviously this is not the solution I need, because most of the clients come from unknown addresses.
My question is:
Can I configure a different crypto map on the interface OUTSIDE to allow remote VPN clients and still allow all the Site-to-Site tunnels terminate on the VPN interface?
Is this clear?
Please let me know, thanks!
03-03-2009 12:00 PM
Hey All,
I did it and it worked!
Thanks anyways... ;-)
03-21-2020 05:10 PM
Can you please post how you made it work? :)
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide