02-13-2007 12:08 PM - edited 03-11-2019 02:33 AM
Hello,
Is it possible to configure the ASA5520 to support both easy and site-to-site VPN on the same outside interface!!!!
incase your answer is YES.. how could we do it !!
Regards,
02-13-2007 12:52 PM
sorry for causing confusion, i mean vpn client and site to site vpn.
02-25-2007 11:13 AM
Yes its' possible.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml
In this sample configuration, Tiger is the remote PIX and Lion is the central PIX. Since the IP address of Tiger is unknown, you must configure Lion to dynamically accept connections from anywhere knowing the wild-card, pre-shared key. Tiger knows what traffic is to be encrypted (because it is specified by the access-list) and where the Lion endpoint is located. Tiger must initiate the connection. Both sides perform NAT and nat 0 in order to bypass NAT for IPsec traffic.
In addition, the remote user in this configuration connects to the central PIX (Lion) using the Cisco VPN Client 4.x. The remote user cannot connect to the remote PIX (Tiger) since both sides have dynamically assigned IP addresses and do not know where to send the request.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide