We help IT Professionals succeed at work.

Cisco Site to Site VPN

NewAvenues Admin
on
75 Views
Last Modified: 2018-05-17
Hello,

I want to setup a site to site VPN connection between a Cisco ASA 5512 and Cisco SRP512W.

The ASA 5512 is our main device and it has a static IP address
The SRP512W will be located in remote office inside a third party's network and doesn't have static IP.
Employees within the remote VPN will need access to a printer that is located in the third party's network. (Outside the VPN I am trying to setup)

I would really appreciate if so can give me some instructions on how to accomplish this setup, ideally from the GUI.

What should I ask the thrid party admin to do, which ports to open forward? I am really not familiar with Cisco devices and VPNs, so need beginner level instructions.

Thanks!
Comment
Watch Question

Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
NewAvenues AdminIT Department

Author

Commented:
Thanks SIM50,

I've since learned that the third party network's gateway is a Cisco ASA 5515. Should I just ask them to create a NAT that opens all ports on the private IP address (Private within their network, but WAN port on my device) of my SRP512W. I think it will be best if I can tell them specifically which ports to open.

Any advice on how to access the printer that is located inside the third party's network. Do I need to create a NAT on my end for this? I would really appreciate it if you can help me with this.

Thanks!

Commented:
The ASA 5512 is our main device and it has a static IP address
The SRP512W will be located in remote office inside a third party's network and doesn't have static IP.

I've since learned that the third party network's gateway is a Cisco ASA 5515....  but WAN port on my device) of my SRP512W

Who has what device? You have 5512 or SRP512W? Remote is SRP512W or ASA 5515?

If you don't have overlapping networks, it is fine to setup NAT exempt.  The ports should be restricted regardless to only the ones being used.

Default port for printer is tcp/udp/9100.
NewAvenues AdminIT Department

Author

Commented:
Our main office: ASA 5512

Third party network: ASA 5515

Our Remote office (Inside the third party network): SRP512W

So basically I want the Remote Office (SRP512W) to connect to our main office (ASA 5512), going through the third party's ASA 5515. Does that make sense?

We actually don't have the remote office yet, it will be opening 1st of September. The above scenario is how I think I will need to setup their network.

So if what I am describing makes sense then I need to know what I should ask the third party's admin to do on their ASA 5515 for this to work. Should I ask them to create a NAT or something else?

The printer is in the third party's network, once and if the above scenario is setup, how do I facilitate access for employees in our remote site to the printer.

Commented:
Our Remote office (Inside the third party network): SRP512W

So basically I want the Remote Office (SRP512W) to connect to our main office (ASA 5512), going through the third party's ASA 5515. Does that make sense?

Do you mean your remote office will be sitting behind the 5515? And SRP512W will separate your remote office from third party network?
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.