Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote Access VPN Setup

Hello Support,

I have a question regarding a remote access VPN setup with the following. I have a Cisco 6500 with multiple VLANs, and an FWSM setup in mutliple context mode. Each of our clients sits behind their own context, and has their own associated VLANs. Each context has a shared interface, so that one network (our management network) can see all of the networks. We are using a Cisco ASA to terminate P2P VPNs as the FWSms cannot do so, but I would like to setup a remote access VPN from the ASA, but I will need to connect in and have access to all networks. Currently the ASA has an outside interface for internet, two client inside interfaces, and one interface on the shared network.

If I setup a remote access VPN from the ASA with a separate scope will I be able to see all the networks that I setup routes and nonats for or is there more to it?

I provided a brief diagram showing all the vlans, I will need to be able to access all of the 6500s vlans when connected using the VPN.

Thanks in advance for all ideas, suggestions, and assistance.

2 ACCEPTED SOLUTIONS

Accepted Solutions

Remote Access VPN Setup

Hello John,

You will need to configure the respective IP Address pool for the Anyconnect users,

Then create the no_nat rules from all of the internal subnets to the Anyconnect Pool.

That should do it bud . I mean just make sure the internal network (core) knows that in order to reach the anyconnect pool must send the traffic to the ASA.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Remote Access VPN Setup

Hello,

Cool,

Keep us posted and remember to rate all of the posts

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
3 REPLIES

Remote Access VPN Setup

Hello John,

You will need to configure the respective IP Address pool for the Anyconnect users,

Then create the no_nat rules from all of the internal subnets to the Anyconnect Pool.

That should do it bud . I mean just make sure the internal network (core) knows that in order to reach the anyconnect pool must send the traffic to the ASA.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Remote Access VPN Setup

Thank Julio.

I have an outage this weekend, that I'm doing a few other things, so I will bring it up then and let you know if any issues come up, thanks!

Remote Access VPN Setup

Hello,

Cool,

Keep us posted and remember to rate all of the posts

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
106
Views
0
Helpful
3
Replies
CreatePlease login to create content