CISCO ASA 5510

In our data center i have a SRX 5308 Netgear router. This router is the main hub in a vpn hub and spoke set up. I also have a few servers that are connected to this router. We are putting in a CISCO ASA 5510 router with SSL VPN any connect. How can i have both router running together and people VPN to cisco and access the servers on the netgear router?
kajumbliesAsked:
Who is Participating?
 
LeeeeeConnect With a Mentor Commented:
Are you PAT'ing everything on the SRX or do you have a few public IP's you can use?

ASA needs to know how to get outside, so a default route to the SRX is needed. Potentially a static route to the server network as well if that network is being routed on a core switch/something other than the SRX etc.

The SRX would need a route to the ASA if the ASA is on a different segment than the SRX.
0
 
LeeeeeCommented:
To reiterate your question, you still want the Netgear to handle site-to-site VPN termination and you the ASA to terminate SSL VPN sessions?
0
 
kajumbliesAuthor Commented:
correct
0
 
LeeeeeCommented:
If you have a range of public IP's, simply assign the outside interface of the 5510 a public IP and configure SSL VPN as normal. As long as the Netgear knows how to route to the ASA, it's straightforward design. Make sure port 443 is allowed through the Netgear outside ACL. Make sure the ASA has static routes to subnets that you want users to be able to access IE server subnet etc.
0
 
kajumbliesAuthor Commented:
1. Do i need to configure static routes on both netgear and cisco or just cisco?
2. How would i set this up on both sides to make the above work?
0
All Courses

From novice to tech pro — start learning today.