First Last
asked on
Cisco ASA - Initiate a VPN from a cisco router on the local LAN behind ASA?
We currently have an ASA with site to site VPN and anyconnect VPN being utilized. We received a third party cisco router which will be used to initiate their own site to site VPN from inside our local LAN to their LAN through our ASA.
1. What we would like to know is if the following ports listed below would interfere with ports for site to site VPN and anyconnect VPN?
2. Would NAT Traversal be required on our ASA? 5540(config)#crypto isakmp nat-traversal
SSH
- allow access from xxxxx on TCP Port 22
ICMP
- allow access from xxxxx - protocol 1
ISAKMP
- allow access to xxxxx on UDP Port 500, also add UDP 4500 for NAT-T
ESP
- allow access to/from xxxxx - protocol 50
Certificate port:
- allow access to/from xxxxx on TCP port 8080
NTP port:
- allow access to/from xxxxx on UDP port 123
1. What we would like to know is if the following ports listed below would interfere with ports for site to site VPN and anyconnect VPN?
2. Would NAT Traversal be required on our ASA? 5540(config)#crypto isakmp nat-traversal
SSH
- allow access from xxxxx on TCP Port 22
ICMP
- allow access from xxxxx - protocol 1
ISAKMP
- allow access to xxxxx on UDP Port 500, also add UDP 4500 for NAT-T
ESP
- allow access to/from xxxxx - protocol 50
Certificate port:
- allow access to/from xxxxx on TCP port 8080
NTP port:
- allow access to/from xxxxx on UDP port 123
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER