One of my clients has a network with a first line of defense and a second line of defense. The first line of defense consists of Cisco ASA 5510s. Now we want to create a LAN-to-LAN VPN connection and terminate it on the second line of defense. Is it possible to create a VPN connection on the public address on the outside of the ASA and NAT it to a private IP address from the second line of defense? Is the tunnel encrypted till the second line of defense? Do I need to create a new VPN tunnel with the second line of defense?
If you want to have the tunnel secure all the way to the second line of defense - then create the VPN tunnel directly to that device, no need to terminate the tunnel on the 1st line ASAs.
HTH.
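
An added example, not part of the original thread: one way the first-line ASA can pass the tunnel through to the second-line device, so that encryption ends on that device and the ASA only forwards IKE and ESP. It assumes ASA software 8.3 or later (object NAT syntax), interfaces named `inside` and `outside`, and no access list already bound to the outside interface. All addresses, object names and the ACL name are placeholders.

```cisco
! Constructed placeholder values:
!   10.10.10.2    private address of the second-line VPN device
!   203.0.113.10  public address reserved for it on the ASA outside network
!   198.51.100.20 public address of the remote VPN peer

! One-to-one static NAT: the public address maps to the second-line device
object network SECOND-LINE-VPN
 host 10.10.10.2
 nat (inside,outside) static 203.0.113.10

! Admit only the remote peer, and only the IPsec protocols:
! IKE (UDP 500), NAT-T (UDP 4500, used once IKE detects the NAT) and ESP.
! On 8.3+ the ACL matches the real (private) address, hence the object.
access-list OUTSIDE-IN extended permit udp host 198.51.100.20 object SECOND-LINE-VPN eq isakmp
access-list OUTSIDE-IN extended permit udp host 198.51.100.20 object SECOND-LINE-VPN eq 4500
access-list OUTSIDE-IN extended permit esp host 198.51.100.20 object SECOND-LINE-VPN
access-group OUTSIDE-IN in interface outside
```

With this in place the remote peer uses the public address as its tunnel endpoint, and the ASA cannot inspect the traffic inside the tunnel; filtering of the decrypted traffic has to happen on or behind the second-line device.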