Adding a VPN Appliance
Let me preface this by saying that this would be so much easier if I were able to use the Firebox to create the VPN, but I don't have that option due to an SLA.
I have a vendor who will be providing a web-based service that can only be connected to through a VPN connection. Yeah, I know that is weird, but it is what it is. This same VPN connection will allow printing to local printers on our network using a print server on their end.
They will be shipping me a Cisco ASA 5506 preconfigured. They want an external IP address and an internal IP address to assign to their device. The easy way to configure this is to just plug the internal IP port into my core switch and use the switch to route traffic. I don't like this as I can't control the data flow from the outside vendor. They basically have carte blanche of my network.
If I were to connect this through my Firebox, what would be the best way to approach this? I have some ideas but I have to send the preconfig information to them and can't test different scenarios.
I'm currently configured with a block of 5 IPs from my ISP. Only two are in use by the Firebox. There is an internal trusted network. No VLANs. Fairly basic setup. Static IPs internally for devices.
Thanks in advance.