- Bronze, 100 points or more
I was asked if it is possible to configure an ASA as a VPN RA server using only a single interface and IP address. I said no, but was then told that it is possible, but cannot find any examples of this. All my ASA work has involved using an outside and inside network on seperate subnets.
So, this ASA is to provide VPN termination only, its not used for firewalling between private and public networks.
I dont have any hardware here to try this on, if I configure 1 interface in theory I should be able to get internal users to point to that network for access to the network across the VPN. Also the RA users can use the same IP address to terminate their VPN sessions.
Encrypted and non-encrypted traffic will have to use the same interface, and I'm not sure if this can be done.
My experience tells me this is an invalid configuration, but that is only based on the way I've set up ASA's before.