Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
293
Views
5
Helpful
2
Replies

asa as vpn concentrator

whanson
Level 2
Level 2

‎09-11-2009 07:36 AM

I want to make an asa a vpn concentrator only and pass all traffic to the inside including internet traffic which then passes to an internet ASA. So...with inverse routing I can make sure that the client vpn pool addressess are known to be on the outside and I would then have an inside 0 route to the inside l3 device, but then I started to wonder how I would manage the asa vpn concentrator from the outside say with ssh. Appears to me that I couldn't because I can't have an outside 0 route and inside 0 route. Seems to me I would have to manage the ASA via vpn to the inside and back out. Am I missing something?

Labels:
0 Helpful
2 Replies 2

Yudong Wu
Level 7
Level 7

‎09-11-2009 09:27 AM

For VPN traffic, you can use "tunneled" keyword after your inside 0 route command so that this route will be only used by VPN traffic.

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/qr_72.html#wp1658180

whanson
Level 2
Level 2
In response to Yudong Wu

‎09-14-2009 04:00 AM

As always the best...thx

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents