cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
490
Views
0
Helpful
3
Replies

Need help with ASA

vinayak
Level 1
Level 1

hello All,

Recently i purchased 2 ASA 5505 for my network. I am Having 2 Internet connections. I am connected ISP 1 to ASA 1 & ISP 2 to ASA 2.

I want to use ASA 1 For Site-to-Site VPN & ASA 2 for Internet Connection. I am also having Cisco Catalyst 3560 -24 Ports Switch in my network.

Is it possible to use both VPN & Internet links simulteniously from LAN. ??

1 Accepted Solution

Accepted Solutions

hobbe
Level 7
Level 7

sure, one easy way of doing it might be to set up static routing in the 3560 and have three "lan",

one lan for the internet asa to the 3560

one lan for the vpnasa to the 3560

one lan for the users and servers.

set up the vpn asa towards the remote site and default gateway towards the isp of that link just as usual.

set up the internet ASA towards internet just as you would do normally with its default gateway towards its isp

on the 3560 enable routing

set up static routing of the remote site networks towards the vpn asa

set up default gateway towards the internet asa.

thats it.

This is just one way of doing it.

good luck

HTH

View solution in original post

3 Replies 3

hobbe
Level 7
Level 7

sure, one easy way of doing it might be to set up static routing in the 3560 and have three "lan",

one lan for the internet asa to the 3560

one lan for the vpnasa to the 3560

one lan for the users and servers.

set up the vpn asa towards the remote site and default gateway towards the isp of that link just as usual.

set up the internet ASA towards internet just as you would do normally with its default gateway towards its isp

on the 3560 enable routing

set up static routing of the remote site networks towards the vpn asa

set up default gateway towards the internet asa.

thats it.

This is just one way of doing it.

good luck

HTH

hey,

Thanks for reply.

I have one request. if u dont mind can u please explain me this case with example ?

Please.

Thanks

Green line = traffic destined for Internet

Red line = traffic destined to 192.168.4.0 through vpn tunnel

3560

3 interfaces in routed mode on the 3560 and IP routing on.

interface 1 = default gateway for the local lan

interface 2 = routed interface towards the vpn gateway.

interface 3 = routed interface towards the internet gateway

3560 default gateway = the Internet FW Interface

192.168.4.0 is routed through the VPN fw interface

VPN Firewall default gateway = isp router

Internet FW default gateway = isp router

exchange the ip addresses for your own ip address scheme.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: