I have someone with an ASA5510 that is still running on 8.2.2 code, and has asked me an interesting question so I thought I would post and see if anyone has any solution, as my google fu seems to have failed me on this one.
I have the following scenario in play: Internet <----> ASA5510 <----> VPN Remote Location Let's say I have 207.114.24.10/24 on the internet facing side of the ASA, and on the LAN side of the ASA I have 10.0.0.10/16. OK, now let's say I have a VPN tunnel to the remote location, and over at that location I have 192.168.0.50 on a server, with that being a /24 network as well. This is a site to site VPN that is always up between two distant locations. I have been asked to take and use 207.114.24.50 on the Internet side of the ASA5510 firewall, but to NAT it across so it is pointing at the 192.168.0.50 server. So if you telnet (or pick your desired port) in to the public IP of 207.114.24.50, that the firewall will map that across and connect you to 192.168.0.50 over at the remote location. I know mapping stuff just across to the internal LAN is simple, but I have honestly never tried to take an outside IP address and map it across to a server over a VPN at a remote location. Has anyone done this, and can they give me some pointers if you have had any luck. I am push them up to 8.4 or even a 9.x release if needed, but at the moment the unit has 8.2.2 installed on it. Thanks for any help... --- Howard Leadmon _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
