Avatar of NewAvenues Admin
NewAvenues Admin
 asked on

Cisco Site to Site VPN

Hello,

I want to setup a site to site VPN connection between a Cisco ASA 5512 and Cisco SRP512W.

The ASA 5512 is our main device and it has a static IP address
The SRP512W will be located in remote office inside a third party's network and doesn't have static IP.
Employees within the remote VPN will need access to a printer that is located in the third party's network. (Outside the VPN I am trying to setup)

I would really appreciate if so can give me some instructions on how to accomplish this setup, ideally from the GUI.

What should I ask the thrid party admin to do, which ports to open forward? I am really not familiar with Cisco devices and VPNs, so need beginner level instructions.

Thanks!
CiscoVPN

Avatar of undefined
Last Comment
SIM50

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
SIM50

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
NewAvenues Admin

ASKER
Thanks SIM50,

I've since learned that the third party network's gateway is a Cisco ASA 5515. Should I just ask them to create a NAT that opens all ports on the private IP address (Private within their network, but WAN port on my device) of my SRP512W. I think it will be best if I can tell them specifically which ports to open.

Any advice on how to access the printer that is located inside the third party's network. Do I need to create a NAT on my end for this? I would really appreciate it if you can help me with this.

Thanks!
SIM50

The ASA 5512 is our main device and it has a static IP address
The SRP512W will be located in remote office inside a third party's network and doesn't have static IP.

I've since learned that the third party network's gateway is a Cisco ASA 5515....  but WAN port on my device) of my SRP512W

Who has what device? You have 5512 or SRP512W? Remote is SRP512W or ASA 5515?

If you don't have overlapping networks, it is fine to setup NAT exempt.  The ports should be restricted regardless to only the ones being used.

Default port for printer is tcp/udp/9100.
NewAvenues Admin

ASKER
Our main office: ASA 5512

Third party network: ASA 5515

Our Remote office (Inside the third party network): SRP512W

So basically I want the Remote Office (SRP512W) to connect to our main office (ASA 5512), going through the third party's ASA 5515. Does that make sense?

We actually don't have the remote office yet, it will be opening 1st of September. The above scenario is how I think I will need to setup their network.

So if what I am describing makes sense then I need to know what I should ask the third party's admin to do on their ASA 5515 for this to work. Should I ask them to create a NAT or something else?

The printer is in the third party's network, once and if the above scenario is setup, how do I facilitate access for employees in our remote site to the printer.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
SIM50

Our Remote office (Inside the third party network): SRP512W

So basically I want the Remote Office (SRP512W) to connect to our main office (ASA 5512), going through the third party's ASA 5515. Does that make sense?

Do you mean your remote office will be sitting behind the 5515? And SRP512W will separate your remote office from third party network?