ASA Implementation with VPN Clients and IKE Peers

Unanswered Question
Apr 24th, 2007
User Badges:
  • Silver, 250 points or more

I am implementing a ASA and replacing a PIX that is currently terminating Cisco Client VPN's and a few IPSEC Lan-2-Lan IPSEC tunnels. The other routers that are connecting to my PIX today roam around and get different IP addresses via DHCP and/or different Internet Connections so the way I got around this was from the URL below with the commands "isakmp key cisco123 address netmask" so it would except any peer. This worked well because I could explicitly state what my interesting traffic was and whether I wanted to split tunnel or not.

I cannot figure out how to do this with an ASA. I want to implement the ASA because our VPN Clients and IPSEC Peers want to communicate with each other and I want to route this traffic via my VPN Tunnels that are terminated on the new ASA.

I dont think a simple EZVPN solution will work because of the split tunneling and routing in this case but someone can tell me otherwise.

Any advices or configuration examples?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion