Can you help me find a sample configuration of the setup below?
I have 3 ASA FWs. FW1 and FW2 are configured with L2L VPN. Now, a third ASA, FW3, has an "outside" IP address that is of the same network of the LAN of FW2 (private IP). FW3 doesn't have a public IP address. How can I setup a host from behind FW1 to connect to FW3 via remote access VPN? Given that FW3 is only connected to FW2 (no internet).
I am wondering the reason for a RVPN from a host behind FW1 to traverse an encrypted VPN that terminates on FW2, to be forwarded onto FW3 for decryption....when 75% of the path is already encrypted between FW1 and FW2 and FW3 has no access to the internet?
I tried to configure FW3 with standard remote access VPN. It's "outside" is assigned with an IP address that is on the same network of FW2's LAN. I pointed my default route to the inside of FW2. This seems to be working fine.
Sorry if this setup confused you. But this is not the complete design. This is just but one part.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...