If I have a branch office and head office, both with ASA5510s, linked via an IPSec VPN, can a Remote Access VPN user (VPN Client) establish one VPN to the head office site and connect to devices at the branch office site, back over the site-to-site VPN? This could never be done with PIXs because the traffic had to go out the same interface that it came in by. In this instance I had to use a PIX and a VPN concentrator. I am hoping that since the ASA is PIX+VPNConc+IPS it will be able to do it in a single box.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...