Re: [OSL | CCIE_Security] IPsec Through ASA

[waleed ']

 but the question is , how  ipsec packet routed on the internet and it has 
private IP in the source field ,because no one nat it now and it has the 
private ip of client machine? From: walleed...@hotmail.com
To: pi...@howto.pl; kingsley.char...@gmail.com
CC: ccie_security@onlinestudylist.com
Subject: RE: [OSL | CCIE_Security] IPsec Through ASA
Date: Thu, 8 Sep 2011 11:37:02 +0000








@pitor it is through firewall 
@kingsley I lost the nat it is working nice now 
 
Date: Thu, 8 Sep 2011 11:44:27 +0200
Subject: Re: [OSL | CCIE_Security] IPsec Through ASA
From: pi...@howto.pl
To: kingsley.char...@gmail.com
CC: walleed...@hotmail.com; ccie_security@onlinestudylist.com

In case the tunnel is terminated on the ASA...


2011/9/8 Kingsley Charles <kingsley.char...@gmail.com>

Exempt the VPN traffic using NAT exempt.

With regards
Kings

On Thu, Sep 8, 2011 at 1:48 PM, waleed ' <walleed...@hotmail.com> wrote:








 Dear pitor , sorry for the general question I will in future ,
if there is patting for inside users on outside interface and we inside user 
need vpn on server on the outside  what we have to add to config ?


Date: Thu, 8 Sep 2011 10:13:04 +0200
Subject: Re: [OSL | CCIE_Security] IPsec Through ASA
From: pi...@howto.pl
To: walleed...@hotmail.com


CC: ccie_security@onlinestudylist.com

Depends on where the traffic is originated from. 
If from the Inside, then you need IPSec pass-thru inspection enabled or pass 
ESP on the outside ACL (in inbound direction).


If from the Outside, then you need to pass UDP/500 (or UDP/4500 if NAT is 
enabled) and ESP on the outside ACL (in inbound direction).


Could you please ask more specific questions in the future?

Regards,
Piotr


2011/9/8 waleed ' <walleed...@hotmail.com>








What we need to enable IPsec through ASA ?                                      
  

_______________________________________________

For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com



Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com

                                          

_______________________________________________

For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com



Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com



                                                                                
  
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com