Solved

Need help with Cisco 2800 ISR + ASA 5510 configuration

Posted on 2008-10-31
8
601 Views
Last Modified: 2012-05-05
I have a site that I need to install a Cisco 2800 router and an ASA 5510 with the AIP-10 SSM.  I would like the router to do NAT as well as DHCP, and would like to have the ASA run in transparent mode and perform IDS/IPS.  I need the ASA to provide VPN connectivity and not the 2800 router.  Is this configuration possible.
0
Comment
Question by:ryanva
  • 4
  • 3
8 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 22853958
you cannot have the ASA in transparent mode and simultaneously have it be the VPN endpoint.

0
 

Author Comment

by:ryanva
ID: 22854130
ok so assuming that I cannot have a transparent firewall be a VPN endpoint, then how should this configuration be done. I would like the ASA to be the VPN endpoint if possible.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 500 total points
ID: 22854173
The ASA can do VPN, NAT and all access control along with IPS/IDS
The Router can just pass packets from WAN to LAN interface.
If you have an Ethernet feed for WAN, then the router is useless.

0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:ryanva
ID: 22854321
The ISR is going to be for a VOIP deployment in the very near future.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22854489
makes a good VoIP gateway....

0
 

Author Comment

by:ryanva
ID: 22855140
are you saying that the 2800 should not be inline with the asa?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22855521
Not if you have Ethernet WAN feed.
What kind of PSTN feed are you planning? PRI or SIP trunk?
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now