I currently have an ASA5520 as my firewall and a 3005 VPN Concentrator in front of the firewall terminating VPN tunnels with a public peer address of say 184.108.40.206. The ASA 5520 also has a public IP address (say 220.127.116.11) in the same subnet as the public IP of the 3005 but on a separate physical interface on the ASA for direct access to the firewall for other Internet traffic.
We are wanting to consolodate the separate VPN and firewall functions into the ASA (getting rid of the 3005 and moving the VPN function to the ASA). The problem is we have a lot of customers using the 18.104.22.168 address(3005 public IP) to terminate their VPN tunnels. To have our customers all reconfigure their VPN tunnels would be a very large task.
So the question is can I have one physical ASA interface sharing multiple IP addresses--have 22.214.171.124 and 126.96.36.199 on the same physical interface (like a secondary IP but the peer VPN device would have to see the IP as 188.8.131.52)?
Thanks for the help.