Just to confirm that the VPN endpoint must be on a physical interface on a SAA

I have a client who changes their public IP address range, currently the FORMER IP exists on the physical Interface Internet and the NEW is the ASA, to be able to use the NEW IP to the endpoint of the VPN, it must be on a physical interface, so I think having a trunk to the Internet router, so that the NEW can have a physical address.then IP can pass another on the NEW for VPN.

Hi Richard,

Yes, it must be on a physical interface. Because you cannot configure secondary ip on the ASA, the only approach I can think of, is to set up a trunk according to your suggestion. Unless you use a proxy-arp :).

HTH.

Kind regards

Terence

Tags: Cisco Security

Similar Questions

  • I have Lightroom CC - being upgraded around 2015.  I want to confirm that the camera Nikon d5500 has been added is supported for attachment.

    Looking for a reaonably price camera that tethers to lightroom and has a capacity of time.

    I just want to confirm that the attachment is supported in Lightroom CC 2015.

    Hi Katie,

    From now Nikon d5500 has been added is not supported for shooting, captive

    You can always consult the following document: https://helpx.adobe.com/lightroom/kb/tethered-camera-support-lightroom-4.html

    And whenever there is a new camera is added for shooting tethered, items is updated.

    Please let us know if it helps.

    Kind regards

    Tanuj

  • My iphone 6 s most is having hanged. They said he he's is not replaced. I was wondering how should I confirm that the phone I get is a brand new one not used one?

    My iphone 6 s most is having hanged. They said he he's is not replaced. I was wondering how should I confirm that the phone I get is a brand new one not used one?

    This will be an iPhone manufacturer refurbished in excellent condition 'as new '. You can not change anything on this subject because it's the usual Apple policy on replacement devices.

  • I want to confirm that the update of Adobe Reader 10.1.15 is legitimate.  This update apparently fixes security vulnerabilities and customer issues.

    I want to confirm that the update of Adobe Reader 10.1.15 is legitimate.  This update apparently fixes security vulnerabilities and customer issues.

    Hi Jeremiah,.

    Yes, the Player update 10.1.15 is legitimate.

    In fact, we released the latest patch 10.1.16 October 13.

    You can download the same: Adobe - Acrobat: for Windows

    For immediate release notes please reference: https://helpx.adobe.com/acrobat/release-note/release-notes-acrobat-reader.html

    Kind regards
    Rave

  • With EchoSign, is it possible to not send email confirming that the document was "signed and filed?

    With EchoSign, is it possible to not send email confirming that the document was "signed and filed?

    Hello Neilc96817377,

    Support can make the following changes, as shown, and you can contact them directly:

    Support | services of Adobe eSign

    -Usman

  • We want to confirm that the application will be compatible daylight saving

    We want to confirm that the application will be compatible when changing economies in light of day on April 1st where time restores from 03:00 to 02:00
    confirm that we have sets compatible patch for Australian Eastern Standard Time for advanced savings permutation on April 1, 2012

    running ebusiness 11.5.10

    Published by: jemar98 on February 24, 2012 12:19

    jemar98 wrote:
    We want to confirm that the application will be compatible when changing economies in light of day on April 1st where time restores from 03:00 to 02:00
    confirm that we have sets compatible patch for Australian Eastern Standard Time for advanced savings permutation on April 1, 2012

    running ebusiness 11.5.10

    Please see these documents.

    Comply with the daylight saving time (DST) and rule changes of zone in E-Business Suite 11i [ID 458452.1]
    Diagnosis of problem of the DST with e-Business Suite 11i and Release 12 [800420.1 ID]

    Thank you
    Hussein

  • IP address of the VPN client must demonstrate external IP of ASA 5505

    Hi guys,.

    We have a small project with the Government which has some difficult requiment with security.

    Current situation;

    1 site the Government has allowed a public IP address of our company to access their server in-house.

    2. in our office, staff can connect to their server using RDP by Cisco ASA 5505 I configured with two or three clicks.

    3. this ASA was outside (public) Government of authorized IP address.

    Request amended;

    1. given the increase in the tasks, our staff must have access to the Government of the home server.

    2. Government will not grant vpn access to them directly.

    3. they ask us to provide our staff VPN then RDP access to the Government site.

    I have install VPN and it connects very well with no problems just for the connection itself.

    But if I check using www.whatismyIPaddress.com, he demonstrated local IP address that they got by their ISP not CISCO ASA 5505 outside the interface.

    The problem is unlike Microsoft ISA 2006 VPN which shows the external public IP address when a client connects to the VPN server, Cisco vpn client shows that it is the local IP address that is not in its list in the Government site.

    I'm more like Ms. guy then Cisco as I did ' t have a lot of chances to play with Cisco, sorry about that.

    Is that what I missed in the middle of config or needs a setting more to achieve this?

    How can I make client VPN to show it's IP address to the interface of Cisco ASA rather than the IP address of the local ISP?

    Thanks in advance,

    Charlie

    have you added "same-security-traffic permit intra-interface" like I said in the previous post?

  • I improved my Time Capsule 7.7.7 firmware and now I get a message that the "internal drive must be repaired.

    My backups Time Machine regular started for lack of shortly after the 7.7.7 upgrade. I get the message about how for example inside "must be repaired. I have tried power cycling on a regular basis and also downgraded to 7.7.3; Nothing helps.

    Would be a broken drive reset hardware, or is help now? This 7.7.7 was - or just a coincidence?

    I don't think that the upgrade has been more than straw... but on the already busy camel, he broke...

    How old is the TC? Do you still warranty or applecare... no matter what computer, an ipad, or AppleTV with applecare purchased within a period of 2 years from the purchase of TC and still current is valid. Apple will replace it.

    If it's less than 2 years Apple must always replace if you buy the applecare on any device you own always under warranty 1 year. Or buy a new Apple TV with the applecare and return immediately the appletv to get the TC replaced under applecare.

  • Confirm that the language packs are useless for English

    My Linux distro came with Firefox ESR and pre-installed language packs (also Thunderbird and language packs). There are two entrances of package in the software for each of these applications Manager: the main program and the language packs, which indicates that all the languages in the language packs are installed/removed as a single unit. The online description indicates the language packs are used for 'other languages '. It does not say that the 'standard' language exists or if all languages require some language pack. I use English. Before you uninstall the language packs for both products, I want to confirm that they are not necessary for English. Thank you.

    Thank you.

    Regarding the update, makes the subject of another post. I have it receive the notice of the update, but the update process does not (the audit online says that my version of 24.4 is the most recent and does not perform an automatic update.) If I click on the update notice, "connecting" message comes on to always without completing the connection to the update server. I understand that there is a way to install it manually, but it involves too many steps I'm not familiar with.

  • How to confirm that the machine is not a new machine

    Under normal circumstances, the FRU components must be the same and the official site. But my keyboard T530 different FRU official website, does that mean that my machine problem, not a new machine

    Since it is a grey import, then everything would be possible.

    Look for the warranty start date, when he started?

    Also, remember that this machine is an import grey, to claim the warranty you would have to follow the instructions described below.

    http://support.Lenovo.com/en_AU/detail.page?LegacyDocID=MIGR-58926

    More precisely:

    Customers requiring a function of international interest in China may be requested to provide one of the following numbers to obtain the guarantee of the IWS repair service; proof of identification of business (letter from the company, email, card, badge of the company with photo ID), proof of purchase (receipt, order, delivery note, sales memo or invoice) or proof of travel (passport with valid Visa to or from the country where the product was purchased, or other travel documents).

  • I want to confirm that the former employer cannot display my current email

    I recently left a company that uses Outlook and had my company email forwarded to them leaving. I want to continue to use outlook with my gmail account and want to make sure that the old company can't read my letter of gmail account. This can be confirmed?

    Hello

    Change the password on your account Gmail and Outlook. If you have Gmail
    set to transfer mail, then stop this in Gmail settings online.

    Gmail - change your password
    http://mail.Google.com/support/bin/answer.py?answer=6567

    I hope this helps.

    Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle=""><- mark="" twain="" said="" it="">

  • Would it be just to wait that the import of images would also create folders based on international day std?

    I'm very lightly attached and easy to use PhotoShop Elements.

    I am located in the Denmark and expect an import of the image to allow the creation of folders based on the international standard date (mm dd yyyy).

    This "feature" would make the image files to create as follows:

    2014-05-06 (6. May 2014)

    2014-05-07 (7. May 2014), etc.

    When using format files date US are created 05-06-2014 and 2014-07-05, which makes no sense if records must be read in a logical order.

    It seems that date international standard was removed from PhotoShop Elements somewhere arround version 9-10 and it creates quite annoying problems for me.

    Am I really the only one facing this problem?

    Because I can not understand how to configure the Organizer using preferences, then how I have records created automatically in numerical order / "normal"?

    Sincerely

    Henrik

    Do I have reason to think that you are now on PSE12?

    With an earlier version of French, I had the same problem which was solved by a patch then.

    I thought that the problem had been resolved (he was mentioned several times in the forums). Now it works well for me.

    Set preferences:

    Check in option 4: "camera or card reader" the menu "create a subfolder with...» "is set in the right model date.

    Check all options in the 'Advanced' from the downloader dialog box to see if there is any other parameters.

  • jet5740 Office: notice that the paper tray must close when it is not open

    Dear FixIt people.

    I've had my new 5740 for about 3 weeks now and I get a message on screen telling me that a tray should close when it is not open. Indeed NO trays are open to all. It prints well, but after each sheet this message.

    Any help would be welcome. TYVM

    Hi @superbius69 ,

    By your post, I see that you have found a message that the "paper needs tray close", when it is not open. I will do my best to help you.

    Try the following steps to see if it will solve the problem.

    A "paper tray is open. Close the drawer to continue. "Message appears on the printer control panel.

    If you need help, let me know.

    Good day!
    Thank you.

  • Same subnet on all the VPN endpoints?

    Anyone know if it is possible to have the same subnet on all the endpoints of a VPN tunnel star topology?  I need to create tunnels ASA5505 18 back to an ASA5510.  Instead of having 18 subnets over there, it sounds more effective for my request just to have one.  Sort of a CLOUD (there is that Word) inquiry.

    I was wondering.

    Of course read below

    http://www.Cisco.com/en/us/products/ps6120/prod_configuration_examples_list.html

  • How can I confirm that the recipient becomes my emails?

    I need to confirm my employees to become my emails when I send them to my MacBook Pro using Mail.

    This facility is not available in Apple Mail. Some email clients are able to ask for a receipt when sending, but even then it depends on the recipient actually take the step of the return receipt - many won't bother.

    The only thing you can do is instruct them always to answer one of your emails, even if only to say "received".

Maybe you are looking for