+ Reply to Thread
Results 1 to 5 of 5
  1. Senior Member
    Join Date
    Mar 2011
    Posts
    195

    Certifications
    CCNA,CCNA Security, Nortel DMS,Nortel Norstar,Avaya IP, Telecom Engineer, ITIL v3 Foundation
    #1

    Default Cisco ASA 5505 used just to Tunnel VOiP ?

    I know that the 5505 can't do trunked ports.
    And I know that the current license will only allow I think 2 interfaces for VLAN.
    But, is it possible to parse out a subnet from the inside and tunnel the VOiP traffic to a corresponding ASA 5505?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #2
    sure, just match the interesting traffic.

    if it is traffic sourced from 10.1.1.1 then you'd no-nat this and match it and send it through the tunnel - I dont understand why though, since the encryption/decryption process on the voice packets may have ill effect
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Mar 2011
    Posts
    195

    Certifications
    CCNA,CCNA Security, Nortel DMS,Nortel Norstar,Avaya IP, Telecom Engineer, ITIL v3 Foundation
    #3
    K, that makes sense.
    Next question would be if I have a Corp Office, internal networks 10.0.0.0 255.255.0.0. Can I basically clone the internal network there, push it to the remote site using say the back 30 IPs for the subnets, and create the site to site tunnel to allow ALL traffic, will that create issues and will that create a load balancing affect?
    Or, should I just tunnel the internal networks, and not include the outside traffic?
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #4
    I dont understand?

    If you want to tunnel everything through your vpn then you would want match anything on your crypto map acl

    if you just want voice to go through the tunnel then you can just match the traffic from say the end point subnet


    Can you clarify a bit more?
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Mar 2011
    Posts
    195

    Certifications
    CCNA,CCNA Security, Nortel DMS,Nortel Norstar,Avaya IP, Telecom Engineer, ITIL v3 Foundation
    #5
    No need, as what I responded with was kind of half baked.
    I know what I need to do, just need to get the Corp ASA able to Ping the Mitel System. Static route should take care of that.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks