Solved

Need help with Cisco 2800 ISR + ASA 5510 configuration

Posted on 2008-10-31
8
630 Views
Last Modified: 2012-05-05
I have a site that I need to install a Cisco 2800 router and an ASA 5510 with the AIP-10 SSM.  I would like the router to do NAT as well as DHCP, and would like to have the ASA run in transparent mode and perform IDS/IPS.  I need the ASA to provide VPN connectivity and not the 2800 router.  Is this configuration possible.
0
Comment
Question by:ryanva
  • 4
  • 3
8 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 22853958
you cannot have the ASA in transparent mode and simultaneously have it be the VPN endpoint.

0
 

Author Comment

by:ryanva
ID: 22854130
ok so assuming that I cannot have a transparent firewall be a VPN endpoint, then how should this configuration be done. I would like the ASA to be the VPN endpoint if possible.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 500 total points
ID: 22854173
The ASA can do VPN, NAT and all access control along with IPS/IDS
The Router can just pass packets from WAN to LAN interface.
If you have an Ethernet feed for WAN, then the router is useless.

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:ryanva
ID: 22854321
The ISR is going to be for a VOIP deployment in the very near future.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22854489
makes a good VoIP gateway....

0
 

Author Comment

by:ryanva
ID: 22855140
are you saying that the 2800 should not be inline with the asa?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22855521
Not if you have Ethernet WAN feed.
What kind of PSTN feed are you planning? PRI or SIP trunk?
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question