twinq
asked on
ASA5520 with 02 internet connection
Hi bro,
route vpn 0.0.0.0 0.0.0.0 x.x.x.x 2
02. VPN Client--------- ASA--------------Inside Network
|
|
route vpn 0.0.0.0 0.0.0.0 x.x.x.x 1
01. Internet connection
I have 02 internet connections and I want the using first connection for Internet and the second connection for VPN client. I already configure the first connection connect to Internet from inside network.
The second connection if add the command route vpn 0.0.0.0 0.0.0.0 x.x.x.x 2 and do VPN Client from outside, ASA response with log bellow:
Routing failed to locate next hop for UDP from NP Identity.
Can you please show me how to configure the ASA only answer the IPSEC VPN on the vpn interface only?
Thank you very much for you help!
route vpn 0.0.0.0 0.0.0.0 x.x.x.x 2
02. VPN Client--------- ASA--------------Inside Network
|
|
route vpn 0.0.0.0 0.0.0.0 x.x.x.x 1
01. Internet connection
I have 02 internet connections and I want the using first connection for Internet and the second connection for VPN client. I already configure the first connection connect to Internet from inside network.
The second connection if add the command route vpn 0.0.0.0 0.0.0.0 x.x.x.x 2 and do VPN Client from outside, ASA response with log bellow:
Routing failed to locate next hop for UDP from NP Identity.
Can you please show me how to configure the ASA only answer the IPSEC VPN on the vpn interface only?
Thank you very much for you help!
ASKER
Do you have any solution to accept connection from VPN Client while the default route still active?
I had a similar situation with two different ISP's coming into one ASA. I was able to use 2nd interface by putting static routes for each VPN client while using 1st interface for all other traffic.
ASKER
Hi SIM50,
Thanks for your reply!
But I want to use dynamic route for second interface. Because, for each vpnclient for each time connect to ASA they not using static IP (they are using ADSL connection).
I already try using static IP before post this question to this website. :D
I hope someone have solution for this case.
Thanks for your reply!
But I want to use dynamic route for second interface. Because, for each vpnclient for each time connect to ASA they not using static IP (they are using ADSL connection).
I already try using static IP before post this question to this website. :D
I hope someone have solution for this case.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi, its bad design chose to use FW as ISP edge connection. In my case, im using 2 3845 as BGP ASBR in to 2 different ISP, and i have 2 WAN modules its "Remote Access" & "VPN" on Cisco ASA 5540 support. I have 2 static routes in my different DMZ zones, that redistributed back in to my BGP AS. It you need help in this solution, I can help with all question.
WBR Antony Seqoya.
WBR Antony Seqoya.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
/Kvistofta