I have an ASA 5510 that uses the OUTSIDE interface for Internet access and it uses a separate interface called VPN to accept VPN connections. This is working fine because the ASA has a default gateway pointing to the OUTSIDE interface and static routes pointing to all the Site-to-Site tunnels through the VPN interface.
Now, the problem is that I need to allow remote access VPN connections to the ASA.
I cannot connect with a VPN client to the ASA without knowing before-hand the public IP address where the client is coming from because there's no route through the VPN interface to that client. If I configure a static route through the VPN interface for the VPN client, then it works. Obviously this is not the solution I need, because most of the clients come from unknown addresses.
My question is:
Can I configure a different crypto map on the interface OUTSIDE to allow remote VPN clients and still allow all the Site-to-Site tunnels terminate on the VPN interface?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...