Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Remote IPSEC VPN ASA Behind NAT

Hi, i want to create Remote IP Sec VPN on Cisco ASA5510.

Problem is this 5510ASA is behind another 5520ASA and it dont have any public IP address on any of 5510 interface.

if i do static NAT of ASA 5510 Private IP on internet facing 5520 IP Public POOL,

then will VPN work on 5510 ASA? and what ports need to forward on 5520 for 5510 to become IPSEC VPN head end

1 REPLY
New Member

Remote IPSEC VPN ASA Behind NAT

Hi Ahmad,

I am not sure, but ill give a scenario as per ur setup.

For ex, if u dont have a ASA 5510 think as if u have a win or some other VPN server in your network. This server should/will also sit in ur LAN/DMZ. so i think it should work if u have a 5510. Any way this are the ports which a remote access VPN works.

To use the Cisco VPN Client, the following network ports must be opened in your firewall:

  • 500 UDP
  • 4500 UDP
  • 10000 UDP

Regards,

Satya.M

(Plz rate if it is helpful)

609
Views
0
Helpful
1
Replies
CreatePlease to create content