We need to modify our Cisco ASA5510 security device to allow multiple (simultaneous) "outbound" VPN client connections to a Cisco 3000 VPN host device, AND support the following "existing" infrastructure:
- Several "site-to-site" VPN connections between the ASA5510 security device and other firewalls
- Accept several (simultaneous) "inbound" VPN connections
- Single external IP address for all outbound connections (I believe this is called NAT/PAT...)
The added complexity is that the Cisco 3000 VPN device does not have "IPSec over UDP" enabled (NAT-Traversal ?), nor will it have "IPSec over TCP" enabled (NAT-TCP ?). (Corporate policy - currently being debated).
The specific questions are...
Is it possible to configure the ASA5510 to support the "outbound" connections? If so, how ?
Would it have been possible with "IPSec over UDP"? ..."IPSec over TCP"?
Any help would be greatly appreciated !!