10-20-2010 06:56 AM
Hi,
i have a asa with an external ip range.
Asa has outside ip : 212.201.54.67
Many clients have this ip in the cisco vpn client profile. Now i want to change the outside ip of the asa. It is possible to keep this ip 212.201.54.67 as dial up vpn ip if the asa have another outside ip ?
cheers
jason
10-20-2010 07:51 AM
Jason,
As far as I know ASA will only terminate VPN (SVC and IPSec) on IP address assigned to interface you enabled given feature on.
May I ask if this is the same setup we discussed where you had seemingly very similar question for SSLVPN?
Marcin
10-21-2010 12:36 AM
Yes, its the same.
So i think i will distribute a new pcf profile.
10-21-2010 12:46 AM
Jason,
Here's an idea.
To avoid this problem in future how about relying on DNS?
Instead of sending a lot of PCF files you'd just need to tweak your DNS for
vpn.example.com IN A record (or potentially AAAA) from older IP to the new one.
That is assumign you have control over DNS for example.com :-)
Marcin
10-21-2010 12:54 AM
Yes this was an idea i was also thinking about. And i`ll maybe do this for the future.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: