
L2L ASA5505

Carlo Zaina
Level 1

Hi

I wish to set up an L2L between two ASA 5505s. Both of them have a public IP address on the outside interface and an RFC 1918 compliant address on the inside interface.

I've followed the guidelines in this document: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml

However, as expected, the next hop router (belonging to ISP) drops the packets with a private destination address since these networks are unknown.

I figure I have to set up the IPSec in tunnel mode and not transport mode, because in this way the IP source and destination addresses are hidden and they can traverse the public network.

How can I deal with this problem?

The configuration on the two ASAs is almost the same as the one proposed by the guideline, except for the inside (private) and outside (public) addresses.

Thank you in advance

2 Replies

Marwan ALshawi
VIP Alumni

Can you post your ASA config to assist you in this config?

Hi.

I've attached the configurations of each firewall.

Please note, however, that one firewall has a public IP address on the outside interface, whereas the other has a private IP address, translated from the ISP's router to 78.159.197.130. (In the previous post I wrote that both had a public IP address.)

Thank you in advance