
Cisco ASA 5505 L2L-New User

Status
Not open for further replies.

captnops

IS-IT--Management
Feb 12, 2003
141
I have a need to have a L2L VPN between a customer location and my location for VOIP traffic. The front of the ASA is configured with one of my public IP addresses and I will have to use NAT to route the traffic to the internal IP card.

My issue is that all my internal traffic must flow in and out of this T1 as well.

My question is what does the basic config look like that will allow and route all traffic from the customer to only the IP card address, while allowing and routing all traffic for my internal services and internet access out.

Sorry if this is unclear, but this is my first ASA device.
 
You didn't say what type of device was at the customer site, but take a look at this link and post back if you have any questions. It will give you a basic understanding of how to implement a L2L VPN:

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Thank you for the link. That looks like it will solve my problem of VPN L2L (the ASA is the customer's and came configured, sorta) to my Public IP.

My other issue is routing that VPN traffic to my IP card, and allowing all of my internal traffic to the internet and all public requests to my network in.

 
Tell me more about your IP Card. Where is it physically installed?? Is that device on your internal network?? What is the make/model of the card??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Here is a basic diag:

internet(t1)(public addresses 204.x.x.226-.231)
|
ASA 5505 - 204.x.x.228
|
IP card 10.x.x.237

My internal network is 10.x.x.0. I need to allow voip traffic from the customer site (asa 5505) to mine using 204.x.x.228 router only to the IP card and back out.

I would then need to route all remaining public IPs to another port on the ASA and route those to my internal 10.x.x.0 network. This port would connect my remaining public IP addresses to my internal network.

Thank you for your patience and help.
 
Can you post a full scrubbed config (middle two octets x'd out) on the ASA on your premises?? Also post the output from a sh sysopt if you could.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 