asa behind dsl router

Unanswered Question
Aug 30th, 2007

Hi all, if I want to establish vpn tunnels behind my router, to my firewall, can I just port forward the vpn ports to it? and where is the natting done, on the fw or router, also would the firewall be in routed or transparent mode ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
brianbono Tue, 09/04/2007 - 15:10

you can configure your router not to perform NAT for traffic destined for the remote local lan of your VPN tunnel.


access-list 120 remark NAT pass

access-list 120 remark SDM_ACL Category=2

access-list 120 deny ip

access-list 120 permit ip any

ip nat inside source list 120 interface Dialer0 overload

tusculum99 Thu, 12/20/2007 - 10:46

What if a user has a generic WEB GUI BASED router that only does port forwarding - how can they work around that and establish a tunnel though the asa device is behind this generic router?


This Discussion