Cisco VPN client onto ASA.. or do i PPTP onto a server behind it..

Unanswered Question
Mar 4th, 2010

Hi all.

I have a bit of a quandry. basically one of our sites is a typical head office with some remote hardware VPN's in.

The VPN tunnels to the sites are up and working great.

What we need now is to configure up the firewall to terminate the Cisco VPN Client - or for it to pass PPTP VPN traffic from the good old microsoft vpn cilent software using some sort of port forwarding - we have spare public IP's available.

BUT.. im unsure how to proceed.

What do you think is the best way forward - and does anyone have any pointers about how to begin setting up either the firewall to accept connections from the Cisco VPN client ? I dont want to screw up the existing hardware tunells... Im not adverse to just forwarding VPN traffic through the firewall and straight to the server either

I've uploaded the ASA config with edited public IP's

Any help much appreciated.. thanks guys

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Thu, 03/04/2010 - 12:45


The best way is to create the IPsec tunnel to the ASA and then access the server via the tunnel.

The downside of this option, is that the traffic from the ASA to the server is unencrypted.

If you chose to use PPTP to the server, you can do it as well, but it does not have the security benefits of IPsec.

If you have to decide between IPsec - PPTP, go for IPsec.



This Discussion

Related Content