L2L ASA5505

Unanswered Question
Sep 16th, 2008

Hi

I wish to set up an L2L between 2 ASA 5505s. Both of them have a public IP address on the outside interface and an RFC1918-compliant address on the inside interface.

I've followed the guidelines in this document: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml

However, as expected, the next hop router (belonging to ISP) drops the packets with a private destination address since these networks are unknown.

I figure I have to set up the IPSec in tunnel mode and not transport mode, because in this way the IP source and destination addresses are hidden and they can traverse the public network.

How can I deal with this problem?

The configuration on the 2 ASAs is almost the same as the one proposed by the guideline, except for the inside (private) and outside (public) addresses.

Thank you in advance

Carlo Zaina Mon, 09/22/2008 - 00:17

Hi.

I've attached the configurations of each firewall.

Please note, however, that one firewall has a public IP address on the outside interface, whereas the other has a private IP address, translated by the ISP's router to 78.159.197.130. (In the previous post I wrote that both had a public IP address.)

Thank you in advance
