0

I have a small office network that currently consists of about 10 machines, a gigabit switch, and a router/firewall, in a fairly obvious configuration. I need to add a Cisco ASA 5505 to support a VPN connection to a third party for multiple machines on the network. My question is how would you usually set this up? Specifically, what network topology would you use?

I think my confusion stems from the fact that I now have two routers to deal with. I would prefer to only present the machines on the network with a single gateway interface to as to be able to avoid managing static routes on each machine.

brooks94
  • 167
  • 2
  • 5

1 Answers1

3

If the ASA is yours (as in you own it), I would consider using it to replace whatever Internet router you're currently using.

Otherwise, all you need to do is add a static route on your current Internet router pointing to the ASA for the subnet behind the VPN.

longneck
  • 23,082
  • 4
  • 52
  • 86
  • Agreed. Given the simple arrangement (no other reasons noted) -- replace your existing Internet edge firewall with the ASA 5505. It will prevent a lot of headaches. – Weaver Nov 27 '12 at 06:17