Avatar of RAMU CH
RAMU CH
Flag for India asked on

Remote-Access & Site-Site VPN at a time in ASA Firewall

HI,

Can we configure  Remote access VPN and Site-Site VPN tunnel in a same ASA 5510 firewall,if so pls send a refference document

Regards
Ramu
VPNCisco

Avatar of undefined
Last Comment
Ernie Beek

8/22/2022 - Mon
Ron Malmstead

While I don't have a reference document.... I use both of these simultaneously all the time.

There can be conflicts however if the local subnet of a remote access user is the same as a remote site, where they aren't located.

Ron Malmstead

Tip: Be sure to backup your running firewall config before making any changes.
RAMU CH

ASKER
Yes You are right

If Remote End & VPN server end same Networks ,how can i troubleshoot, if conflict happens it will be trouble , Do we have to NAT  at Server end Network to some other Private N/w

Ex:
if actual (conflgict) N/w is 192.168.203.X /24 Nhas to atted to 172.16.203.0/24

Regards
Ramu
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER CERTIFIED SOLUTION
Ron Malmstead

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
RAMU CH

ASKER
Hi ,

One more issue..

I have configured first SIte-Site VPN tunnel in ASA Firewall and later just now i have configured Remote-Access VPN . Before Remote VPN access configuraton Site-Site Tunnel is fine , after
Remote access VPN configuration , Site-Site tunnel gets down and Remote aceess VPN is working fine.

Pls find the attachment of the configuration and find out any tunnel parameters could be the issue for this ASA-FW-04AUG11-After-FIrst-Modif.TXT
fgasimzade

You can have only one crypto map applied to the interface. You can not have both Outside_map and miro-map cryptomaps applied to same interface.

My suggestion is to use one cryptomap for both remote access and site-to-site
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
RAMU CH

ASKER
Thanks , will do now & confirm you

Regards
Ramu
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Ernie Beek

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.