Cisco ASA behind pfSense firewall on VIP
Controls contractor insists they have their own VPN endpoint, a Cisco ASA. Management has told us to make it work. We have a smallish internet connection, so would prefer the pfSense already in place control the WAN link. Is there a way to NAT one public address while passing through another to the ASA. We have spare ports. We know that a switch in front of both appliances is the easiest solution, but we loose control of the WAN bandwidth. A second pfSense appliance in WAN-LAN bridge would also give us the control. Looking for a possible single pfSense appliance solution.