Cisco Firewall VPN “Hair Pinning” Note: Cisco refer to this as a “Spoke to Spoke VPN”
KB ID 0000040 Problem You have multiple sites protected by Cisco Firewalls, you establish a remote connection VPN to one of your sites, but cannot get to the others. Solution Normally your remote workers will establish a VPN, with a VPN client (though this principle will also work for remote users with a hardware firewall). In this example we will stick with a remote client using VPN Client software (either using an IPSEC version 3...
Cisco ASA Redundant or Backup ISP Links with VPNs
KB ID 0000544 Problem This method provides failover to a redundant ISP link should your primary network connection go down. IT IS NOT going to load balance the traffic across both interfaces. In this example I’ve also got a VPN to a remote site and some port forwarding to contend with as well. Where we are at the start. Where we want to be Solution Before you go any further the ASA that will have the backup ISP line,...
Cisco ASA 5505 Routing Between Two (Internal) VLANS
KB ID 0000869 Problem I had to set this up for a client this week, I’ve setup a DMZ on a 5505 before and I’ve setup other VLANs to do other jobs, e.g. visitor Internet access. But this client needed a secondary VLAN setting up for IP Phones. In addition I needed to route traffic between both the internal VLANs. I did an internet search and tried to find some configs I could reverse engineer, the few I found were old (Pre version 8.3)...