  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562

CISCO ASA 5510

In our data center I have a SRX 5308 Netgear router. This router is the main hub in a VPN hub-and-spoke setup. I also have a few servers that are connected to this router. We are putting in a Cisco ASA 5510 router with SSL VPN AnyConnect. How can I have both routers running together and have people VPN to the Cisco and access the servers on the Netgear router?
0
kajumblies
Leeeee Commented:
To reiterate your question, you still want the Netgear to handle site-to-site VPN termination and the ASA to terminate SSL VPN sessions?
0
 
kajumblies Author Commented:
Correct.
0
 
Leeeee Commented:
If you have a range of public IPs, simply assign the outside interface of the 5510 a public IP and configure SSL VPN as normal. As long as the Netgear knows how to route to the ASA, it's a straightforward design. Make sure port 443 is allowed through the Netgear outside ACL. Make sure the ASA has static routes to the subnets that you want users to be able to access, i.e. the server subnet, etc.
0
 
kajumblies Author Commented:
1. Do I need to configure static routes on both the Netgear and the Cisco, or just the Cisco?
2. How would I set this up on both sides to make the above work?
0
 
Leeeee Commented:
Are you PAT'ing everything on the SRX or do you have a few public IPs you can use?

ASA needs to know how to get outside, so a default route to the SRX is needed. Potentially a static route to the server network as well if that network is being routed on a core switch/something other than the SRX etc.

The SRX would need a route to the ASA if the ASA is on a different segment than the SRX.
0
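
Added example (not part of the thread and not any poster's configuration): a small route check that models the two-sided routing question discussed above, showing why a route on the ASA alone is not enough when replies from the SRX must find their way back to the ASA. All addresses, the separate VPN client pool, and the assumption that the servers sit directly behind the SRX are constructed for illustration.

```python
import ipaddress

# Constructed lab addressing (assumptions, not taken from the thread)
SRX, ASA, ISP = "192.168.50.1", "192.168.50.2", "203.0.113.1"
SERVER, VPN_CLIENT = "10.10.10.20", "10.99.0.15"  # server behind SRX, client from ASA pool

# (prefix, next hop) pairs; "connected" means the subnet is directly attached
ASA_ROUTES = [("0.0.0.0/0", SRX), ("192.168.50.0/24", "connected")]
SRX_ROUTES = [("0.0.0.0/0", ISP), ("192.168.50.0/24", "connected"),
              ("10.10.10.0/24", "connected")]

def next_hop(routes, dst):
    """Longest-prefix match; returns the next hop, or None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, hop)
    return best[1] if best else None

def check_vpn_paths(asa_routes, srx_routes):
    """Return a list of routing problems for VPN client <-> server traffic."""
    problems = []
    fwd = next_hop(asa_routes, SERVER)          # client -> server, leaving the ASA
    if fwd not in (SRX, "connected"):
        problems.append(f"ASA sends {SERVER} to {fwd}, not toward the SRX")
    back = next_hop(srx_routes, VPN_CLIENT)     # server -> client, leaving the SRX
    if back != ASA:
        problems.append(f"SRX sends replies for {VPN_CLIENT} to {back}, not to the ASA")
    return problems

if __name__ == "__main__":
    print("before:", check_vpn_paths(ASA_ROUTES, SRX_ROUTES))
    # Static route on the SRX pointing the client pool at the ASA
    fixed = SRX_ROUTES + [("10.99.0.0/24", ASA)]
    print("after: ", check_vpn_paths(ASA_ROUTES, fixed))
```

With only the ASA's default route in place, the SRX's own default route carries replies for the client pool toward the ISP; adding the pool route on the SRX clears the finding.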
