ASA - how to allow global NAT and AnyConnect VPN through border and external interfaces?
ISP provided redundant links that route our public IP space through a border network. The 2 ISP handoffs go into a pair of 3750 switches, layer 2, and the switches uplink to an active/standby ASA pair.
The ASA outside interface, Gi 0/0, has an IP address in the border network. The ASA inside interface, Gi 0/1, has an IP address in our public IP block. Our internal private networks are subinterfaces, Gi 0/1.1 and Gi 0/1.2. ISP routes our public IP space to the IP assigned to Gi 0/1. The default route out the ASA points to the ISP border gateway VIP. We have verified internet traffic is routing properly.
But what I am having trouble with is getting both a global NAT to allow all private nodes access to the internet, and AnyConnect VPN to respond on Gi0/1. Your typical configuration examples have a public IP address on the outside, and private IP on the inside. In our case we also have the "border" network to deal with. Can anyone point me in the right direction?
Gi 0/0 - 10.0.0.1 255.255.255.248 (border network - this is really a public IP but using private for example) security level 0
Gi 0/1 - 192.168.0.1 255.255.255.0 (our public IP block - again this is really a public) security level 1
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...