We are planning to take an ASA 5520 box for with Cisco ASA Advanced Inspection and Prevention (AIP) Security Services Module, already we have 1Mbps internet connection. Now for VPN service through this box, what should I do ? take a new internet connection dedicated for VPN or make it with the same connectivity.
Can we take two different internet connection on the same box? is seprate ports available for termination of 2 links ? is it right approach, becouse we don't want to disturb our normal internet user, VPN is only for higher management.
You could use the same line and configure traffic policing to ensure that VPN traffic is always within a fixed bandwidth.
Or you could get a separate internet pipe (to another ASA interfce), but you'd have to be careful with the routing because you can only have one default route. You would have to leave the default route as it is, and put specifc routes for VPN peers down the new line. This would only work if you knew in advance what IP addresses VPN users would connect from.
I'd try the first option, and if that proves not to be acceptable, bump up the 1M line or get another.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...