ASA5510 - access to inside VPN server - PPTP with certificate

Posted on 2006-05-15
Last Modified: 2013-11-16
Good day,
I'm replacing our Linux FW with the new ASA5510. I'm doing the configuration and testing at night when no one is in the office, to make sure there are no complaints during working hours. I've configured all the services needed; there is one thing I haven't done yet, and I would like to ask someone who has the expertise or a similar configuration.
The topology is as follows:
Cisco router (managed by ISP)
ISA2004-Linux FW
VPN 2003 SERVER inside network
I would like to configure VPN with the ASA5510, but while doing that I would like to port forward the current VPN users to the Win2003 VPN server, so they can still work while I configure the ASA5510 and the clients. We use Aladdin keys to store the certificates and then use PPTP to let users in. Right now I'm using the Linux FW to forward protocols to the Win2003 server: GRE17 and 1723. I would like to forward the same protocols using the ASA5510 to the ISA2004 and then to the inside VPN2003. This way users can continue to work while I configure VPN on the ASA5510 and make ISA the VPN server instead of the Windows 2003 server.
Can I do that with the ASA5510, and how?
Thanks a lot.

Question by:jordi67
    LVL 79

    Accepted Solution

    You need a 1-1 static nat with a 2nd public IP, then add an access-list (add to whatever acl you already have)

    where <public ip> is not the same IP as your outside interface.

    static (inside,outside) <public ip> <private ip> netmask 255.255.255.255
    access-list outside_in permit gre any host <public ip>
    access-list outside_in permit tcp any host <public ip> eq 1723
    access-group outside_in in interface outside
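
A way to check a saved configuration against the four lines in the answer above, as an added example that is not part of the original answer and is not Cisco tooling. The function name `audit_pptp_forward`, the sample addresses and the sample config are assumptions constructed for illustration; the check also accepts the `extended` keyword and the `pptp` port name as they can appear in a running config.

```python
import re

# Constructed sample (documentation/private addresses), shaped like the answer's four lines.
SAMPLE = """\
static (inside,outside) 203.0.113.10 192.168.1.20 netmask 255.255.255.255
access-list outside_in extended permit gre any host 203.0.113.10
access-list outside_in extended permit tcp any host 203.0.113.10 eq 1723
access-group outside_in in interface outside
"""

ACE = re.compile(r"access-list (\S+) (?:extended )?permit (\S+) any host (\S+)(?: eq (\S+))?$")

def audit_pptp_forward(config, public_ip, outside_ip):
    """Return findings for a PPTP pass-through config; an empty list means it checks out."""
    findings = []
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    if public_ip == outside_ip:
        findings.append("public IP is the outside interface IP; a second public IP is required")
    nat = re.compile(rf"static \(inside,outside\) {re.escape(public_ip)} \S+ netmask 255\.255\.255\.255$")
    if not any(nat.match(l) for l in lines):
        findings.append(f"no 1-1 static NAT for {public_ip}")
    # Only ACLs applied inbound on the outside interface take effect.
    bound = {m.group(1) for l in lines
             if (m := re.match(r"access-group (\S+) in interface outside$", l))}
    if not bound:
        findings.append("no access-group applies an ACL inbound on the outside interface")
    seen = set()
    for l in lines:
        m = ACE.match(l)
        if not m or m.group(1) not in bound or m.group(3) != public_ip:
            continue
        proto, port = m.group(2), m.group(4)
        if proto == "gre" and port is None:
            seen.add("gre")
        elif proto == "tcp" and port in ("1723", "pptp"):
            seen.add("tcp/1723")
        else:
            # Anything else aimed at the VPN server exposes more than PPTP needs.
            findings.append(f"permit wider than PPTP needs: {l}")
    for want in ("gre", "tcp/1723"):
        if want not in seen:
            findings.append(f"missing permit for {want} to {public_ip}")
    return findings

if __name__ == "__main__":
    for finding in audit_pptp_forward(SAMPLE, "203.0.113.10", "203.0.113.2") or ["ok"]:
        print(finding)
```

A mistyped `access-group` line leaves the ACL unbound, so the check reports both permits as missing even though the `access-list` lines are present.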


    Author Comment

    Thanks a lot.
