ASA5520 EZVPN - Multiple Remote Sites

Unanswered Question
Mar 12th, 2008


I have an asa configured as an ezvpn server.

I have an ACL to encrypt matched traffic to one of the remote sites

access-list ezvpn extended permit ip

Can I add all my site subnets to this acl or do I have to create seperate acls for each site.

I have the following group

group-policy ezvpngrp internal

group-policy ezvpngrp attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value ezvpn

nem enable

tunnel-group sites type remote-access

tunnel-group sites general-attributes

authentication-server-group vpn

default-group-policy ezvpngrp

tunnel-group sites ipsec-attributes

pre-shared-key *

I can see the group matching my acl. Do I need seperate groups matching seperate acls or can I bundle all my remote site subnets into the one acl and use one group.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion