f



Cisco ASA 5510 and MPLS VPN ?

Hi

Does the Cisco ASA5510 or 5520  can support MPLS VPN / VRF / MPBGP ?

Thanks
Mag
0
Mag
1/31/2009 8:00:25 AM
comp.dcom.sys.cisco 25313 articles. 0 followers. Post Follow

1 Replies
1192 Views

Similar Articles

[PageSpeed] 19

"Mag" <mag@laposte.net> wrote in message 
news:49840513$0$18760$426a74cc@news.free.fr...
> Hi
>
> Does the Cisco ASA5510 or 5520  can support MPLS VPN / VRF / MPBGP ?
>
> Thanks
> Mag

Nope, no vrf or bgp support in an ASA. You can however place an ASA in 
transparent mode between the ethernet handoff of the MPLS router and the 
local LAN. By doing transparent mode you don't have to worry about adding 
extra subnets to each location. 

0
Brian
1/31/2009 3:38:20 PM
Reply:

Similar Artilces:

Help on Cisco ASA 5510 VPN IPsec
Hi i have a small problems with my new asa 5510: I have configured a VPN IPSEC Service and no problems at the connection but after, when i want ping the lan i don't have a answer. On one of my server, i see the packet with tcpdump, i see the reply of the server but on the ASA i have a message of the firewall ... I have used the Wizard included into the 6.0 version. Thanks for your help Mag "Mag" <mag@laposte.net> wrote in message news:49607868$0$6704$426a74cc@news.free.fr... > Hi > > i have a small problems with my new asa 5510: > > I have configured...

Cisco 1750 Router Cisco QoS Device Manager Cisco VPN Device Manager
Hello can my tell who can find the installfiles for 1750 Router Qos Device Manager and Cisco VPN Device Manager!!! thanks R. Kuhn ...

asa 5505 + l2l vpn + cisco client vpn
Hi, I'm trying to replace PIX 506[working ok] with asa 5505. But just after swaping them some of the vpn links doesn't work. I can't ping sites. Cisco vpn client access doesn't work too. I was following few cisco manuals but I can't figure out what is missing in my config. Could you pls have a look at my config maybe sth obvious - I hope so. Many thanks. : Saved : Written by enable_15 at 01:48:02.989 UTC Tue Jan 13 2009 ! ASA Version 8.0(4) ! hostname pb domain-name zzzzzzz enable password zzzzzzzzzzzzzz encrypted passwd zzzzzzzzzzzz encrypted names ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.254 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address zzzzzzzzzzzzz 255.255.255.240 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive dns server-group DefaultDNS domain-name zzzzzz access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.5.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.9.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.12.0 255.255.255.0 access-list inside_nat0_outbound ...

Cisco ASA 5510
Hi I need help, I have the following 1 x dlink dsl router, pppoa connection to outside world. 1 x ASA 5510 1 dlink attached to the asa 1 switch attached to the asa the inside lan ip range is from 10.xx.xx.xx/24 the interface of the dlink is 10.10.1.1 I would like to permit all traffic inbound and outboud from the dlink into the asa and out through the lan interface. Also with NAT and vpn from the dlink to the lan I have a pppoa conenction BT on the Dlink then on the internal interface I have the ip address 10.0.0.3. I can not get anything to go anywhere and do not really know why, I really hope someone can help. I have enclosed my config for anyone to chekc and help, I am stuck and do not really know where to go. names name 10.0.0.0 lan dns-guard ! interface Ethernet0/0 speed 100 duplex full nameif outsidedlink security-level 0 ip 10.10.1.1 255.255.255.0 ! interface Ethernet0/1 speed 100 duplex full nameif insideswitch security-level 0 ip address 10.0.0.4 255.255.255.0 ! interface Ethernet0/2 shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 10.31.0.1 255.255.255.0 management-only ! ftp mode passive dns domain-lookup outsidedlink same-security-traffic permit inter-interface object-group network langroup description lan network-object lan 255.255.255.0 pager lines 24 logging enable logging asdm informational mtu outsidedlink 1500 mtu insideswitch 1500 mtu management 1500 !...

Trying to access the PDM of a Cisco pix over a Remote Access VPN with Cisco VPN Client
I am trying to configure the cisco pix (501) to allow access to the PDM over a Cisco VPN Client IPSEC tunnel. I found a situation for accessing the PDM ove a site-site tunnel but am not able to configure it for remote access VPN http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/products_configuration_example09186a0080094497.shtml I setup VPN by the wizard and enable split tunnel and excempt complete LAN from nat, so not the outside interface ip. Tried with management-access none, inside and outside I am running Cisco PIX Firewall Version 6.3(5) Cisco PIX Device Manager Version 3.0(4)...

Cisco 831 VPN to Cisco 3030 Security
I'm planning on deploying Cisco 831 VPN routers and having them connect to the Corp office over a DSL connection to a Cisco 3030. I'm curious how others handled security to keep unwanted users out. This of course assumes you have split tunneling off and there is a branch office type setup. I'm trying to figure out how to have some sort of login/password challenge to keep one of our remote users family members from plugging in a laptop or similar system and connecting to our network. The DHCP will only serve up one usable IP address from the 831 but you never know. Any help is m...

Cisco vpn client to Cisco 837 problem
hi, I have trouble to solve this issue and would like to get your help. I try to set up remote access vpn with cisco client software to a cisco 837 vpn server but I can only get the tunnel up but d'ont be able to ping router ethernet interface nor all computer in the LAN site. cisco client 4.0.2b--------Internet--------ADSL_Cisco 837_vpn_server-------LAN_Windows2003_terminal_server Building configuration... Current configuration : 3499 bytes version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ho...

VPN from Cisco to VPN
Does anyone know how to create a VPN (ANy type) from a Cisco 1601 to a Netscreen 100? Or where to get the information. I have emailed you a stepthrough Dave Sinclair NCSA NetScreen Certified Security Associate NCSI NetScreen Certified Security Instructor Equip Technology.com NetScreen Authrorised Training Centre in the UK ...

Cisco 837 and Cisco VPN client wierdness.. any ideas?
With my current configuration I can VPN connect from anywhere on the web and authenticate as a local user with an 837 router. Once auth'd the VPN client is allocated an IP from the vpn pool. From a VPN connected laptop I can ping any address on the LAN and any other machine on the LAN can ping the IP the VPN client has been allocated. However I can't access all resources via all protocols on all machines. This part is inconsistent and has me baffled. e.g. from a VPN client I can mount SMB shares on 192.168.16.250 but I can't see the webserver (:80) on the same IP). From a LAN connected laptop I can see the webserver running on the VPN client (192.168.17.x:80). However the VPN client can't see a webserver on the same LAN connected laptop (192.168.16.10:80). This is my first ever contact with Cisco gear and while i'm quite chuffed with getting as far as I have on setting this box up.. i'm now way out of my depth on working out what the problem is. Any suggestions would be greatly appreciated! Client s/w is v4.6 (0045) on Mac OS 10.3.9 sh version reports: IOS (tm) C837 Software (C837-K9O3Y6-M), Version 12.2(13)ZH4 Router config (security edited) is cut/pasted below: ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname xxxx ! logging queue-limit 100 no logging buffered enable secret 5 xxxx ! username xxxx password 7 xxxx username xxxx password 7 xxx...

Need help with Cisco 3800 + Cisco ASA 5540 configuration
Hello gurus, I need some help with a new project. I've never used Cisco ASA before, and I don't know how to set this up. I have Cisco 3800, with interface gigabitethernet 0/0 configured with private IP for LAN, 0/1 configured with public IP. ISP tells me that 0/1 (public IP) is to be plugged into one of the 4 ethernet ports in the ASA 5540. I assume I can configure one of these ports for this, but I don't know how to do it. So my questions are, 1) Do I use a cross-over cable to connect router 0/1 to asa port? 2) How do I configure the port in the asa 5540? Do I assign it an...

Trouble Installing Linux/Cisco VPN Client Has anyone had trouble compiling the linux cisco vpn client? Here is the output of the install script: # uname -rviosm Linux 2.4.22-1.2188.nptl #1
Has anyone had trouble compiling the linux cisco vpn client? Here is the output of the install script: # uname -rviosm Linux 2.4.22-1.2188.nptl #1 Wed Apr 21 20:19:18 EDT 2004 x86_64 x86_64 GNU/Linux ../vpn_install Cisco Systems VPN Client Version 4.0.3 (B) Linux Installer Copyright (C) 1998-2001 Cisco Systems, Inc. All Rights Reserved. By installing this product you agree that you have read the license.txt file (The VPN Client license) and will comply with its terms. Directory where binaries will be installed [/usr/local/bin] Automatically start the VPN service at boot time [yes] In order to build the VPN kernel module, you must have the kernel headers for the version of the kernel you are running. For RedHat 6.x users these files are installed in /usr/src/linux by default For RedHat 7.x users these files are installed in /usr/src/linux-2.4 by default For Suse 7.3 users these files are installed in /usr/src/linux-2.4.10.SuSE by de fault Directory containing linux kernel source code [/lib/modules/2.4.22-1.2188.nptl/b uild] * Binaries will be installed in "/usr/local/bin". * Modules will be installed in "/lib/modules/2.4.22-1.2188.nptl/CiscoVPN". * The VPN service will be started AUTOMATICALLY at boot time. * Kernel source from "/lib/modules/2.4.22-1.2188.nptl/build" will be used to bui ld the module. Is the above correct [y] y Making module In file included from Cniapi.h:15, from linuxcniapi.c:24: GenDefs.h...

Cisco ASA 5505 VPN timeout?
A user is reporting that his VPN session times out after seven hours and thirty-eight minutes (7:38). In the Cisco ASA 5505 where do I find and change the timeout. This seems like such an odd value. Mike -- Posted via a free Usenet account from http://www.teranews.com ...

Cisco ASA 5510 and Apple iPhone
I'm trying a couple of weeks to get an IPSEC VPN connection from an iPhone with the new Apple IPSEC Client to a Cisco ASA 5510. Neither the ASDM configuration nor a CLI configuration works. Does anybody have a running config? Walter Neu a �crit : > I'm trying a couple of weeks to get an IPSEC VPN connection from an > iPhone with the new Apple IPSEC Client to a Cisco ASA 5510. Neither the > ASDM configuration nor a CLI configuration works. > > Does anybody have a running config? Did you buy the mobile license ? Otherwise the L2TP/IPSec is an alternate solution wh...

Cisco ASA, VPN and firewall management
Hi, We have a Cisco ASA 5510 and a 5520 and a site-to-site VPN between them to connect two company networks. The inside interface is configured as the management interface. I can connect via ssh/https the inside interface when I come from the local network but not when I come through the VPN tunnel. How can one configure the ASA to allow management access through VPN? I don't want to bind it to the outside interface because then everybody from the Internet can access the firewall. Using the separate management port for this does not work for us because - the Allied Telesyn Switch on the...

Cisco ASA 5505 VPN issue
I just installed an ASA550 on my home network and now I have a problem with connecting 2 PPtP vpn connections using either of the XP or Vista VPN connections. These connnections worked fine until I installed the ASA. Now they both contact the remote VPN locations, but fails when trying to authenticate. The Vista client gives 'error 806: The VPN connection between your computer and the VPN server could not be completed.' From the XP clien, the error states 721:The remote computer did not respond. Here is my current ASA config: ASA Version 7.2(2)33 ! hostname ciscoasa domain-name defa...

Can a Cisco 831 establish a VPN tunnel via a Cisco 2620?
We have a situation where we want to be able to use VoIP phones in a remote office and have them able to connect to our 3Com NBX. We were told by 3Com that if we added a router in the remote office (we have DSL) and established a VPN tunnel to our network, then phones (also 3Com) could work with our NBX and act as though they were in the local network. We already have a 2620 router configured between our network and the internet. We can connect to the network on workstations by using a DUN object that our consultants created that connects through the router and verifies access via AD. We bou...

MAC OS X using Cisco VPN Client through CISCO PIX 501
Hi, I have a bit of an issue driving me completely nuts here... I have a small home network using a Catalyst 1900 switch, PIX 501 and Window and Mac OS X laptops. All computers have the latest update in regards to OS's and Cisco VPN Client, and my PIX config allows any any connection to inside interface (access-list inside_out permit ip any any) Now, I can connect to my office's PIX using the windows laptop just fine, but when I try it with the MAC OS X, I do connect but no traffic passes through, and on top of it internet access o the mac dies instantly (there is a split tunnel a...

Cisco PIX 501 using pptp to connect to cisco vpn 3005 concentrator
Hello all, I got a question concerning pptp between cisco pix 501 and cisco 3005 concentrator. The secenario is the following: one small lan with the pix as default gateway. the pix connected to the dsl router and this is connected to the internet. vpn pass through is enabled on the router. we want the pix to connect to our cisco concentrator using pptp. means we have no public addresse for the pix like we use it for lan-to-lan connections. the pix should behave like a "normal" windows client connection via vpn to a network. Has anyone a configuration example and the main part is ...

Port forwarding from cisco 2600 to ASA-5510
Hi! I have remote clients at sites with very restrictive firewalls which allow only tcp/80 and tcp/443 outbound. I need to enable their remote access IPsec VPN clients, and the only way I can think of to do this is to 'deploy' and IP address, have their VPN clients point to it on tcp/443, instead of the normal port. Then I'd like the router, which has a *very* basic configuration, re-direct traffic destined for that address on tcp/443 to the ASA on tcp/10000, for example. Is that possible, and if so, how?? A nice, clear example would be **greatly** appreciated! TIA!!! -r Y...

cisco asa 5510 secondary ip address
Hi all How add secondary ip address on cisco asa ? ip address 20.20.20.1 255.255.255.0 standby 20.20.20.2 secondary ? :) there is another way to set a few address to interface ? best regards ted In the message <fsdqd1$6t3$1@news.interia.pl> ted wrote: | How add secondary ip address on cisco asa ? | | ip address 20.20.20.1 255.255.255.0 standby 20.20.20.2 secondary ? :) | | there is another way to set a few address to interface ? According to cisco you can not do this: http://www.cisco.com/warp/public/110/19b.html However you might try this and see if it works: http://www.vel...

Cisco ASA 5520 VPN Client Question
Hello all, I have a ASA 5200 box that I've configured for client VPN connections. I have it set up to hand out DHCP addresses for the network that the box is connected to on the inside. When I connect to the box with Cisco client software, everything works fine and the box assigns me an IP address from the DHCP pool. Below is what my routes look like after connecting to the ASA 5520: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.101.253 0.0.0.0 255.255.255.255 UH 0 0 0 eth0...

CISCO VPN client blocks DCOM communication
Hi I installed the CISCO VPN client on my windows 2000 professional edition. After that, the applcation using DCOM communications is not working any more. I uninstalled the VPN but afterwards, the DCOM application is still not working. Just wonder if you can provide any advise on how to fix that problem. Thanks a lot ...

ASA 5505 and Cisco Client VPN pass-through
With the old PIX v6 multiple Cisco VPN clients on the inside could not reach a remote host. For example, visitors come to your location where you are using a PIX firewall with VPN and they cannot use Cisco Client to VPN to their home office. Is the ASA 5505 v7.2.3 any better at this? Thanks! -Bob "just bob" <kilbyfan@aoldotcom> wrote in message news:E5mdnfN95J-fGoLVnZ2dnUVZ_vGdnZ2d@supernews.com... > With the old PIX v6 multiple Cisco VPN clients on the inside could not > reach a remote host. For example, visitors come to your location where you > are usin...

cisco training in hyderabad, cisco training, cisco certification training in hyderabad
Cisco is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Cisco provides globally recognized IT certification http://www.golarsnetworks.com/cisco-training ...

Web resources about - Cisco ASA 5510 and MPLS VPN ? - comp.dcom.sys.cisco

思科中国 - Cisco Systems, Inc
思科公司中文网站 - 思科公司是全球领先的互联网解决方案供应商。今天,网络作为一个平台成为了商业、教育、政府和家庭通信不可或缺的一部分,思科的互联网技术正是这些网络的基础。

Cisco Systems, Inc
Cisco (NASDAQ: CSCO) is the worldwide leader in networking that transforms how people connect, communicate and collaborate.

Cisco Cable - Compatible Cisco Cables
Buy compatible Cisco cables from original Cisco cable manufacturer directly with high quality, lifetime warranty and fast worldwide delivery. ...

Cisco Press: Source for Cisco Technology, CCNA, CCNP, CCIE Self-Study
Cisco Press is part of a recommended learning path from Cisco Systems that combines instructor-led training with hands-on instruction, e-learning, ...

Cisco Subnet: An independent Cisco community
Cisco Security Watch covers the latest in cisco related security news, expert blogs, resources, and more from Network World editors.

Cisco Systems, Inc
Cisco (NASDAQ: CSCO) is the worldwide leader in networking that transforms how people connect, communicate and collaborate.

Cisco VNI Resources
This widget allows you to define specific parameters of Cisco VNI Forecast data and create custom views/charts that may be used in public/private ...

Home - Cisco London 2012 - Official Olympic Network Infrastructure Provider
Find out what the Cisco team are doing to create the most advanced network infrastructure in Olympic history and build a legacy for the UK.

Cisco Canada Blog - built for the human network
built for the human network Saviez-vous qu’à présent, Cisco a plus de 18 000 étudiants inscrits dans 244 Académies à travers le pays? Cisco Networking ...

Cisco Bridges - Wikipedia, the free encyclopedia
50°09′05″N 121°34′52″W  /  50.151505°N 121.581114°W  / 50.151505; -121.581114 Coordinates : 50°09′05″N 121°34′52″W  /  50.151505°N 121.581114°W ...

Resources last updated: 3/25/2016 8:54:36 AM