One of my clients has a network with a first line of defense and a second line of defense. The first line of defense are cisco asa 5510s. Now we want to create a lan to lan vpn connection and terminate it on the second line of defense. Is it possible to create a vpn connection on the public adres on the outside of the asa and nat it to a private ip addres from the second line of defense. Is the tunnel encrypted till the second line of defense? Do i need to create a new vpn tunnel with the second line of defense?
If you want to have the tunnel secure all the way to the second line of defense - then create the VPN tunnel directly to that device, no need to terminate the tunnel on the 1st line ASA's.
HTH.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
