My network design is explained and my requirement is also briefed below. Can anyone help me?
1. The service provider's ADSL line is terminated at the service provider's ADSL router.
2. The ADSL router's Ethernet interface is connected to a Nortel VPN router.
3. Now the Nortel VPN router's private interface is connected to the outside interface of the Cisco ASA firewall.
4. The end user has 8 valid public IPs apart from the ADSL WAN interface IP address.
5. The inside network is connected to the inside interface of the ASA through an L2 manageable switch.
6. The customer has a web server and a mail server on the DMZ interface.
7. Now I want to have the Remote VPN and SSL VPN. How do I configure these two in the Cisco ASA? How do I do the NATTING?
Please help me to configure.
Yes, it is basically a Nortel Contivity VPN router, which supports VPN (50 VPN tunnels), but whether it supports SSL VPN I will have to check.
My problem is that ahead of the Cisco ASA there are 2 L3 devices: one is the Nortel VPN router, then the service provider's router. In that case, how am I going to do the dynamic NAT for my internal users to access the Internet? One NATTING has to be configured in the ASA and then the Nortel box should also do the NATTING. I am a little confused about this NATTING.
Please guide me.
OK - let's get a hold of the topology
1(ISP Router)<>2(Nortel VPN)<>3(ASA)<>4 (Internal Network)
Where does NAT currently take place if the above diagram is correct?
Yes... the topology is correct. The ASA has a DMZ zone where there are two servers; the mobile users should access these servers through SSL VPN.
How and where should I do the NATTING?
Well to be honest, if the customer has 8 internet routable IP addresses they don't want to waste them.
I would perform the NATTING on the Nortel VPN router, then either config PAT or specific 1:1 for the VPN/DMZ servers.
Without the Nortel, with only the ASA, I have done the dynamic NAT for the internal users and static NAT for the servers in the DMZ, and Remote VPN is configured and tested; it is working fine.
Since the end user bought the Nortel VPN router, it has to be implemented.
You said NATTING in the Nortel and VPN/DMZ 1:1 PAT in the ASA, is it?
Thanks for the support extended to me.
OK "why" is not as important as "what"
What is the device expected to do, as this will influence the placement in the topology and the required config to place into the network?