The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
mpls network / asa 5510 / ipsec
Posted on 2011-03-08
Hi folks
I have an mpls circuit with out internet access. I also have an ASA sitting behind the mpls router.
What do I need to do to in order to establish an IPSEC tunnel to another vendor?
Thanks,
I have an mpls circuit with out internet access. I also have an ASA sitting behind the mpls router.
What do I need to do to in order to establish an IPSEC tunnel to another vendor?
Thanks,
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
6 Comments
If all you are looking for is a basic site to site setup, then Cisco has the HOWTO right here: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml
If the MPLS does not have Internet access then there is not much point in the ASA being there.
Is the other vendor accessible via the same private non-Internet MPLS Service?
Is the other vendor accessible via the same private non-Internet MPLS Service?
nope.
I guess for what i need i should get an outside ds3 line this way ill get an outside IP for my ASA.
I guess for what i need i should get an outside ds3 line this way ill get an outside IP for my ASA.
That's correct. It would also be good if they had the same ASA on their end to simplify the IPSec setup,..although it may still be doable even if you mix brands.
If you do that then to keep the routing scheme synchronous the MPLS Router or some other LAN Router would be the Default Gateway for the LAN and likewise be the central routing "decision maker" for the LAN,...then it would only need a Static Route on it that told it to use your ASA as he gateway to the other vendor's system.
Featured Post
In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller single-server environments.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty.
Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month5 days, 20 hours left to enroll
Earn Certification
Cisco CCNA Collaboration: CIVND2
$197.00$177.30
Earn Certification
Cisco CCNA Security: IINS v3.0
$197.00$177.30
627 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.