Configuring multiple WebVPN portals

Unanswered Question
Nov 25th, 2008
User Badges:

Here is the situation...I have an ASA 5520 in single context mode and I need to configure multiple inbound WebVPN portals for different clients. What is the best way to accomplish this? On my outside interface I have a public IP. If I try to add a subinterface with an IP in the same subnet it tells me it can't overlap the subnet on the outside. I have other public IPs issued from my ISP that I could create a subinterface with, but I'm not sure if that is the way to go. From my reading I have learned there are probably multiple ways to accomplish this.

1. By taking the IP address off the physical outside INT and creating multiple subinterfaces (will this allow me to use multiple public IPs on the same subnet - in an effort to conserve public IPs?)

2. Create a subinterface with a seperate public IP address (Is this viable? I'm not sure how you would configure the ASA so it would know where to send outbound traffic because of the default route stating to use the original outside interface)

3. By going to multiple context mode (I'm licensed for 2)

is there another way to accomplish this? thanks for your help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bhpci Tue, 11/25/2008 - 07:59
User Badges:

Is that the only way to accompish this? For security reasons we do not want clients to be able to see each other, even if only in a drop down menu. Also, we already have multiple group policies and connection profiles set up that are assigned by their user name and location in Active Directory.


This Discussion