Solved

Cisco ASA - Interface for VPN Traffic

Posted on 2013-10-28
4
560 Views
Last Modified: 2013-10-28
I have a Cisco ASA 5510 with 4 interfaces. I am using one as my outside, one as my inside, one for internal wireless guests. I have an extra that i would like to use for my VPN traffic so that it does not touch my outside interface. I have a block of 16 public ip's. One is assigned to my outside interface already. I want to apply a different addy to my VPN interface. The asa throws up an error when trying to configure an ip address because it overlaps with the outside interface subnet.
Can you give me direction on how i can make this happen?
0
Comment
Question by:bcrosby007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Accepted Solution

by:
fgasimzade earned 500 total points
ID: 39606444
I dont think it is possible, it can create routing and security issues
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 39606878
fgasimzade is correct, this cannot be done as far as I've ever seen.
0
 
LVL 7

Author Comment

by:bcrosby007
ID: 39606896
So the only legit way would be to get another internet connection with it's own public ip/ gateway.
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 39606994
You would also need a separate ASA. Even with a separate public IP/gateway, the ASA can only have one active default route, so only one ISP can be in use at a time. There are some ways of using NAT to have multiple ISP's active at the same time, but for VPN purposes (which doesn't involve NAT) this cannot be done.
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question