Setup IPsec VPN using ASA5505 behind Juniper SSG5

Question

I have been assigned to establish a Internet IPsecVPN connection between two sites using Cisco ASA5505
A site currently has following setup.(Same setup is expected in another site)
Internet----->ADSL Router----->Juniper SSG5----->Intranet
(Im not sure what is configured on SSG5 and if router is in bridge mode or if NAT is configured)

I was thinking if I should install ASA5505 along with Juniper SSG5?
Internet----->ADSL Router----->Juniper SSG5----->Cisco ASA5505(for vpn only)------>Intranet
or
Internet----->ADSL Router----->Cisco ASA5505(for vpn only)----->Juniper SSG5------>Intranet

My question is if it is possible?
What should be the normal way to achieve this goal?

Thanks

Answer 1

I'm not sure what the point is with adding the 5505 to the location the Juniper is at.

The SSG5 can easily establish an IPSEC VPN with the 5505, I've done it multiple times with higher end SSG's and the code/cli is the same on the 5.

You'll need to setup the IKE negotiations and settings on both ends (remote gateways to connect to, policies or routes depending on type of VPN, etc.) but this is definitely doable and not hard to accomplish.

There are tons of walkthroughs online if you want help, such as: http://www.tunnelsup.com/site-to-site-vpn-tunnel-config-between-a-cisco-asa-and-a-juniper-ssg-screenos