cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10258
Views
0
Helpful
3
Replies

Is it possible to have multiple VPN connections at once?

jason.williams
Level 1
Level 1

Here is the setup. I am working on trying to use ASA's at "jump servers" for remote access to network devices. The idea would be to connect to the ASA via a clientless VPN connection and then connect to the network devices.

My question is this. For working remotely, we connect to the corporate network using the Cisco VPN client. Once connected with the client, would it be possible to create another VPN connection to an ASA internally?

Also, if I were to setup multiple ASA jump servers at different locations (say one in a data center and another in the corporate office), would I be able to connect to both ASA's at the same time if I needed to access devices in both locations?

Thanks.

3 Replies 3

Hi Jason,

As far as I know, you will only be able to use the Cisco VPN client to connect to one remote access VPN at a time. You could setup multiple site-to-site VPNs, but this would limit you on mobility and require hardware at the user's end of the connection where the site-to-site tunnels could be terminated.

Hope that helps.

-Mike

xcz504d1114
Level 4
Level 4

I think the only way to do this without requiring hardware at your client sites,as the other gentlemen pointed out, is to setup your VPN servers in a hub and spoke configuration, IE they would all have a site0to-site VPN connection back to the Hub, you as a client, could then connect to any of the ASA's (VPN servers) and have access to any of the other remote sites.

Although I'm sure there is a way to run multiple VPN profiles on a single computer, I'm just unaware of it :)

If I were to design it, I would either hub and spoke, or mesh my ASA's in a site-to-site VPN connection, but this only works if you have static IP's at each location. At a minimum you need 1 static IP to act as a hub, if the other ASA's don't have static IP addresses, that severely limits your connections, as the spokes would always have to initiate the connection to the hub.

Craig

Let me see if I can clear this up. I'm not sure if I explained it all correctly.

I want to setup and use an ASA internally as a jumping off point to connect to our internal network devices. We would connect to the ASA via WebVPN.

The only problem with this is that we don't want to make the ASA accessibly from the Internet.

Currently, we use the Cisco VPN client to connect to our corporate network from outside through a concentrator.

Now, would I be able to first connect to our concentrator with the client, and then create kind of a tunnel-within-a-tunnel and create a connection to the ASA with WebVPN?

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: