VPN Network CISCO ASA

Cristobal_Calahorran · November 25, 2011, 11:42am

Hi all,

How should i configue the peplink device having the next scenario:

Global VPN Network with CISCO ASA FIrewall devices
One internet provider in each contry having at least a public IP address.

Steps 1 & 2 are organization standard and can´t be modified. So to take advantage of the pepelink device, i like to combine (in some countries/cities) our 1:1 dedicated internet channel with a residential ADSL conection to give users a better connection experience.

This is why in some cities we have satelite internet providers and the cost is too high.

So as far i understand peplink´s device combines multiple internet connections to make an improvement on the speed of the conection join them “in one big connection” (from different ISP) we decided to have.

But if i need to keep working with the 1:1 public IP conection to mantain my VPN standard and add a “boost” to my offices with an ASDL residential conection? How should i configure peplink’s? Before/After the CISCO Firewall?

Thanks for your help.

Best,

Cristobal

Tim_S · November 30, 2011, 1:59am

Hello Cristobal,

The best solution of course would be to deploy a Peplink Balance 210 or higher at each location. This would allow you to take advantage of our Site-to-Site VPN technology utilizing multiple WAN’s to provide zero downtime and increased bandwidth over the tunnel.

If the Cisco ASA’s need to stay in place and you have to maintain IPSec tunnels, then I would recommend to deploy the Peplink before the ASA in drop-in mode. All the VPN traffic will remain tied to the 1:1 dedicated channel, and you can then make use of the powerful outbound policy manager to route things like web traffic over the ADSL connection.

Thanks,

Tim