Site-to-Site VPN with 2 ISR 881 + ASA with IPS Module
We have established a Site-to-Site tunnel between two ISR 881 from main office to a remote site. Now I have to integrate a ASA 5505 with IPS-module on the main site. Router and ASA each have their own seperate internet-access. The idea was that all internet traffic on the main site should go through the ASA with IPS, and VPN-traffic to the remote subnet via the router as it was before. What would be the best way to manage this? Leaving the 881 as default gateway on the lan devices and forwarding internet traffic to the ASA? Or changing the default gateway to the ASA and routing remote-subnet traffic to the router?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...