cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
246
Views
0
Helpful
1
Replies

good one ASA vpn concentrator conversion

whanson
Level 2
Level 2

customer has vpn concentrator hanging off ASA dmz interface. Customer wants vpn tunnels moved to ASA. Hitch, the ASA has a static toward the dmz converting a 10 address to a 172 address before hitting concentrator so end point of tunnel refers to 172 address not 10 address. If I do the following should it work?

nat (inside) 99 access-list convert

global (outside) 99 172.x.x.x

access-list convert permit ip host 10.x.x.x host 1.1.1.1 (other end of the tunnel)

thx

1 Reply 1

mchin345
Level 6
Level 6

Here is the URL for the Migrating to ASA for VPN 3000 Concentrator Series Administrators. Follow the configuration guide. It may help you

http://www.cisco.com/en/US/docs/security/asa/asa70/vpn3000_upgrade/upgrade/guide/miGetStart.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: