Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Silver

site-2-site VPN configuration assistance

Anyone has ideas on how to accomplish this?

External IP: 1.1.1.1/28

Internal IP: 192.168.1.1/24

DMZ IP: 192.168.2.1/24

loopback0: 192.168.1.17/28

I have a Cisco 2621 running IOS with IPSec capable code.

Very simple design, External, Internal and DMZ

interfaces.

Hosts behind the "Internal" get to the Internet via port address

translation on the External interace. The DMZ interface

is connected for extranet partners coming over the FRAME-relay,

MPLS, PPP, etc... connections.

There are twenty site-2-site VPNs on this router from both

the External and DMZ interfaces. I use the loopback0 as the

VPN terminating endpoint. Everything is woring fine.

Now customer wants to replace this router with a Cisco ASA

5520 appliance. The requirement is to keep ALL existing

VPNs the same. Since creating loopback is not possible on

the ASA, how would one go about making this configuration

work with ASA? One other things, NO CHANGE CAN BE MADE ON

THE OTHER 20 REMOTE VPN PEERS.

Thanks.

1 REPLY
Silver

Re: site-2-site VPN configuration assistance

Anyone can help me with this? Thanks.

136
Views
0
Helpful
1
Replies
CreatePlease to create content