Need help setting up test environment for my project:
Achieve IP connectivity between 2 hosts B to A; C to A;
- host A is VM located behind Cisco ASA 5510 appliance
- host B is Windows VM located in Azure
- host C is Linux (Unbuntu or CentOS) VM located in Azure
- Host B and C need to have Stong Swan installed and configured to establish VPN site-to-site connection to Cisco ASA 5510 appliance
- ASA5510 VPN temrination point must use certificates (self-signed / openssl ) for IKE Authentication. Both client VMs must use certificates as well
- Site-to-Site VPN must be setup using IKEv2 proposals
- Both Linux and Windows hosts must use SrongSwan as "client"
- StongSwan configuration example
C) Cisco ASA 5510 is already in place, same as VMs. If you have your equipment - be my guest
D) StrongSwan configuration:
VPN tunnel shell only be "brought-up" by any traffic initiated by VM. Ping for example
Private IP on VM is the only "network" that need to be terminated by VPN
Need help actually configuring this setup: mostly
- certificates (issuing, installing)
- StrongSwant installation and configuration
- need working configuration
- Step by Step documentation of this configuration: i.e.
1. Deploy StrongSwan on Linux with so-and-so
2. Generate cert like this
3. On Cisco ASA configure VPN like so and so.
It has to be an understandable manual, short but to the point. (I am experienced engineer myself)
No, there is no need to connect B and C, only C to A and B to A
- there is no learning curve - i.e. if you have to do some research and testing - it is on your own.
- In the end I will need remote session arranged to apply configuration to actual hosts.
- I can give unattended access to cloud VMs, but not to firewall.
- if you have your own ASA, be my guest; if you want to deploy Cisco virtual ASA (demo/eval) - be my guest. Access to my firewall have to be supervised.
Even though I put per hour job, I would like to
- get estimate of hours, - I prefer to pay fixed price
- your availability