Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Problem in establishing Site to Site VPN between ASA 5525 and RV220 (small business)

ASA 5525 has a Private IP address given by the ISP with Public pool provided - Internet from ASA is working fine .

RV220 end the Peer IP address is Public IP

Is it possible to terminate a IPsec site to site VPN on ASA which has a private ip address. please suggest.

2 REPLIES
New Member

Re: Problem in establishing Site to Site VPN between ASA 5525 an

The VPN is defined between two IP addresses normally.  Private addresses don't route, so you can't define them in the VPN configuration.  It's possible, I suppose, that if you defined the RV220 side to allow connection from the entire 5525 public pool and set it so that the 5525 end always initiated the connection, it might work, but I don't know for sure.  Does the public pool belong to just you?  If not, I'd talk to my ISP about getting a static NAT for your 5525.

Re: Problem in establishing Site to Site VPN between ASA 5525 an

Thanks for the reply. I was also concluded the same. Just wanted to make sure if there is any other way to form a tunnel.....Also I would like to know whether the same can be setup using Site to Site IPSec VPN with Dynamic IP Endpoint. Bcoz RV220 has a static IP and we can give the peer IP as 0.0.0.0 0.0.0.0 so that it can accept connections from any public ip which requests to form a tunnel. If the parameters match it will form tunnel else will not. Will it works as the ISP does the Private to Public translations from the ASA end. Please advise.

236
Views
0
Helpful
2
Replies
CreatePlease login to create content