03-21-2007 12:56 PM - edited 02-21-2020 02:56 PM
I need to setup a vpn to a ASA5520 at site1 from an Tasman 1004 edge router at site2. The edge router already servers as the internet gateway and all the NATs are setup on it. Can the edge router be used to make the vpn tunnel without disrupting other traffic or would we need a dedicated VPN router to connect to the ASA5520.
03-21-2007 01:18 PM
Yes, you can have eedge router configured as VPN router if it supports VPN config.
Regarding NAT, you have to exmpt the VPN traffic from NAT on that router.
-Kanishka
03-21-2007 01:47 PM
Thank you for the fast response.
So i would have to create a new wan bundle for the VPN and link it to the T1s so it wouldn't interfere with the original bundle?
We have multiple IPs, so if the original bundle is configured with IP 65.11.11.11/30, i'd like to use an available IP like 65.11.11.12 for the VPN bundle.
03-21-2007 03:54 PM
Yes, you can have an interface with a routable public ip address, and apply the crypto map to it.
If the defaul gateway is pointing to the other WAN interface, you can put specific routes for the remote subnet pointing to the this VPN interface.
ip route
Hope this helps.
-Kanishka
03-22-2007 05:29 AM
I can't link either of the two T1s to the new bundle because they are linked to the original one. Unlinking a T1 just for a VPN is probably not an option. So I'll have to figure out how to configure it in the existing bundle and keep the vpn traffic exempt like you said above.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: