
ASA5510 - access to inside VPN server - PPTP with certificate

Posted on 2006-05-15
Last Modified: 2013-11-16
Good day,
I'm replacing our Linux FW with the new ASA5510. I'm doing the configuration and testing at night when no one is in the office, to make sure there are no complaints during working hours. I've configured all the services needed. There is one thing I have not done yet, and I would like to ask someone who has the expertise or a similar configuration.
The topology is as follows:
Internet
Cisco router(managed by ISP)
ASA5510
ISA2004-Linux FW
VPN 2003 SERVER inside network
I would like to configure VPN with the ASA5510, but while doing that I would like to port forward the current VPN users to the Win2003 VPN server, so they can still work while I configure the ASA5510 and the clients. We use Aladdin keys to store the certificates and then use PPTP to let users in. Right now I'm using the Linux FW to forward protocols to the Win2003 server - GRE17 and 1723. I would like to forward the same protocols using the ASA5510 to the ISA2004 and then to the inside VPN2003. This way users can continue to work while I configure VPN on the ASA5510 and make ISA the VPN server instead of the Windows 2003 server.
Can I do that with the ASA5510, and how?
Thanks a lot
Jordi

Question by:jordi67
2 Comments
 

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 16681716
You need a 1-1 static NAT with a 2nd public IP, then add an access-list (add to whatever ACL you already have)

where <public ip> is not the same IP as your outside interface.

static (inside,outside) <public ip> <private ip> netmask 255.255.255.255
access-list outside_in permit gre any host <public ip>
access-list outside_in permit tcp any host <public ip> eq 1723
access-group outside_in in interface outside
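
Added example, not part of lrmoore's answer or the original thread: a small Python check that a saved ASA configuration contains a consistent version of the commands above (1-1 static on a second public IP, GRE and TCP 1723 permitted to that IP, ACL bound inbound on outside). The function name and the sample addresses (documentation ranges) are assumptions; `eq pptp` is accepted as the named form of port 1723.

```python
import re

# Constructed sample: addresses come from documentation ranges, not from the thread.
SAMPLE = """\
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 203.0.113.2 255.255.255.248
static (inside,outside) 203.0.113.3 192.168.10.5 netmask 255.255.255.255
access-list outside_in permit gre any host 203.0.113.3
access-list outside_in permit tcp any host 203.0.113.3 eq 1723
access-group outside_in in interface outside
"""

ACE = re.compile(r"access-list (\S+) permit (gre|tcp) any host (\S+)(?: eq (\S+))?$")
BIND = re.compile(r"access-group (\S+) in interface outside$")
STATIC = re.compile(r"static \(inside,outside\) (\S+) (\S+) netmask 255\.255\.255\.255$")

def check_pptp_forward(config):
    """Return a list of problems with a PPTP pass-through built from the four commands."""
    nameif = outside_ip = None
    mapped, permits, bound, problems = [], set(), set(), []
    for raw in config.splitlines():
        line = raw.strip()
        if raw and not raw[0].isspace():
            nameif = None                      # a top-level line ends the interface block
        if line.startswith("nameif "):
            nameif = line.split()[1]
        elif line.startswith("ip address ") and nameif == "outside":
            outside_ip = line.split()[2]
        elif m := STATIC.match(line):
            mapped.append(m.group(1))          # the <public ip> of the 1-1 translation
        elif m := ACE.match(line):
            acl, proto, host, port = m.groups()
            if proto == "gre" or port in ("1723", "pptp"):
                permits.add((acl, proto, host))
        elif m := BIND.match(line):
            bound.add(m.group(1))              # only ACLs bound inbound on outside count
    if not mapped:
        problems.append("no 1-1 static (inside,outside) found")
    if not bound:
        problems.append("no access-group applied inbound on outside")
    for ip in mapped:
        if ip == outside_ip:
            problems.append(f"{ip}: static reuses the outside interface address")
        for proto, what in (("gre", "GRE"), ("tcp", "TCP 1723")):
            if not any((acl, proto, ip) in permits for acl in bound):
                problems.append(f"{ip}: bound ACL does not permit {what}")
    return problems
```

An empty list means all four pieces are present and refer to the same public IP; a mistyped or missing command shows up as the piece it would have provided.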

 

Author Comment

by:jordi67
ID: 16681761
Thanks a lot.
