ASA Implementation with VPN Clients and IKE Peers

Unanswered Question
Apr 24th, 2007
User Badges:
  • Silver, 250 points or more

I am implementing a ASA and replacing a PIX that is currently terminating Cisco Client VPN's and a few IPSEC Lan-2-Lan IPSEC tunnels. The other routers that are connecting to my PIX today roam around and get different IP addresses via DHCP and/or different Internet Connections so the way I got around this was from the URL below with the commands "isakmp key cisco123 address 0.0.0.0 netmask 0.0.0.0" so it would except any peer. This worked well because I could explicitly state what my interesting traffic was and whether I wanted to split tunnel or not.


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094a87.shtml


I cannot figure out how to do this with an ASA. I want to implement the ASA because our VPN Clients and IPSEC Peers want to communicate with each other and I want to route this traffic via my VPN Tunnels that are terminated on the new ASA.


I dont think a simple EZVPN solution will work because of the split tunneling and routing in this case but someone can tell me otherwise.


Any advices or configuration examples?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion