×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA box

Unanswered Question
Jul 14th, 2006
User Badges:

We are planning to take an ASA 5520 box for with Cisco ASA Advanced Inspection and Prevention (AIP) Security Services Module, already we have 1Mbps internet connection. Now for VPN service through this box, what should I do ? take a new internet connection dedicated for VPN or make it with the same connectivity.

Can we take two different internet connection on the same box? is seprate ports available for termination of 2 links ? is it right approach, becouse we don't want to disturb our normal internet user, VPN is only for higher management.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
grant.maynard Tue, 07/18/2006 - 23:57
User Badges:
  • Silver, 250 points or more

You could use the same line and configure traffic policing to ensure that VPN traffic is always within a fixed bandwidth.

Or you could get a separate internet pipe (to another ASA interfce), but you'd have to be careful with the routing because you can only have one default route. You would have to leave the default route as it is, and put specifc routes for VPN peers down the new line. This would only work if you knew in advance what IP addresses VPN users would connect from.

I'd try the first option, and if that proves not to be acceptable, bump up the 1M line or get another.


Actions

This Discussion