Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN tunnels on multiple interfaces on ASA

Hi All,

I have an ASA 5510 that uses the OUTSIDE interface for Internet access and it uses a separate interface called VPN to accept VPN connections. This is working fine because the ASA has a default gateway pointing to the OUTSIDE interface and static routes pointing to all the Site-to-Site tunnels through the VPN interface.

Now, the problem is that I need to allow remote access VPN connections to the ASA.

I cannot connect with a VPN client to the ASA without knowing before-hand the public IP address where the client is coming from because there's no route through the VPN interface to that client. If I configure a static route through the VPN interface for the VPN client, then it works. Obviously this is not the solution I need, because most of the clients come from unknown addresses.

My question is:

Can I configure a different crypto map on the interface OUTSIDE to allow remote VPN clients and still allow all the Site-to-Site tunnels terminate on the VPN interface?

Is this clear?

Please let me know, thanks!

Community Member

Re: VPN tunnels on multiple interfaces on ASA

Hey All,

I did it and it worked!

Thanks anyways... ;-)

CreatePlease to create content