Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

IOS VPN + ASA site to site

Dear,

Please find the attached topology,

Can I make the VPN tunnel between site B (ASA) outside interface & site A (Router IOS) LAN interface?

because i received the dynamic IP on my site A (Router) WAN interface from ISP but I have public IP configured on my LAN interface as well secondary IP's (Private IP's) on my LAN interface,

or

can I make a loopback interface for public IP & make tunnel on it?

in both cases either i put the Public IP on loopback or on LAN i can access the router publically from any where.

Please reply soon.

regards,

Muhammad Kashif Ashraf

3 REPLIES

IOS VPN + ASA site to site

Br Kashif,

Please follow link below, it explains every steps of configuring vpn tunnel between cisco router and ASA.

If you have a question, please feel free to ask.

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a00809c7171.shtml

thanks

Rizwan Rafeek

New Member

IOS VPN + ASA site to site

Dear Rizwan,

Thanks for your reply, actually i know the configuration part.

but i'm just asking that

can i make tunnel on site A (WAN port) & site B (not WAN port) LAN port???

regards,

Muhammad Kashif Ashraf

IOS VPN + ASA site to site

"can i make tunnel on site A (WAN port) & site B (not WAN port) LAN port???"

I have never tried it, but it is possible as long public IPs you are using are routable, yes you can use them on any interface and make sure your security implication are being flexiable should you apply an ACL on the outside and insdie interfaces.

just an example.

access-list 101 permit udp any host 72.88.223.20 eq isakmp

access-list 101 permit esp any host 72.88.223.20

Hope that helps.

thanks

Rizwan Rafeek

365
Views
0
Helpful
3
Replies
CreatePlease to create content