ASA 5505 as Easy VPN Client

Unanswered Question
May 26th, 2007
User Badges:


ASA 5505---DSL Router---Internet---ASA 5520

I have a setup as shown above...

I have a ASA 5505 connected to inside interface of my broadband DSL Router. ASA 5505 will have private IP on its inside & outside interface. Only DSL Router outside interface connected to internet will have Public IP Address. This IP address will be used for PAT.

My doubt is whether ASA 5505 can build Easy VPN tunnel from its private outside IP address. DSL router is acting as the PAT device in front of the same.

***Or I need to have Public IP Address on the ASA 5505 outside interface for the Easy VPN remote tunnel***

Can sonebody share the configuration of this type of setup.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ggilbert Tue, 05/29/2007 - 08:40
User Badges:
  • Cisco Employee,


If the DSL device is acting as a PAT device, then you should not have any problem with the ASA 5505 building a tunnel to the ASA 5520, unless there are some issue with the DSL router.

Make sure you have NAT-T enabled on the ASA 5520 since NAT detection will be done and UDP 4500 will be used for tunnel negotiation.

Hope this explains.

Rate this post, if it helps.




This Discussion