Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

router/firewall setup

Hope someone can make sense of how this will work.

I was looking at gettin a wires only ADSL connection and put my own cisco ADSL  router at the end which is no problem.

However i would like an ASA behind it to do the nat and terminate my VPN so i'm not sure how the setup would look on the router would i need to use bridge mode?

Thanks

James

1 ACCEPTED SOLUTION

Accepted Solutions

router/firewall setup

Hello, James.

Actually you have some options:

  • you run ADSL in bridge mode and your ASA holds public IP-address (and, probably PPPoE);
  • you run ADSL in router mode and you have routed public subnet, that could be used on ASA to terminate IPSec tunnel;
  • you run ADSL in router mode, but have a single public IP-address; in this case you will have to configure NAT and map udp 500,4500 into ASA private IP-address; you will also end up with 2 NATs, so that won't be easy to troubleshoot!

I guess the third option is worst, 1st or 2nd depend on public subnet availability.

1 REPLY

router/firewall setup

Hello, James.

Actually you have some options:

  • you run ADSL in bridge mode and your ASA holds public IP-address (and, probably PPPoE);
  • you run ADSL in router mode and you have routed public subnet, that could be used on ASA to terminate IPSec tunnel;
  • you run ADSL in router mode, but have a single public IP-address; in this case you will have to configure NAT and map udp 500,4500 into ASA private IP-address; you will also end up with 2 NATs, so that won't be easy to troubleshoot!

I guess the third option is worst, 1st or 2nd depend on public subnet availability.

93
Views
0
Helpful
1
Replies
CreatePlease to create content