Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
365
Views
0
Helpful
1
Replies

ASA5520 EZVPN - Multiple Remote Sites

agtmcgarry
Level 1
Level 1

‎03-12-2008 07:21 AM - edited ‎03-11-2019 05:16 AM

Hi,

I have an asa configured as an ezvpn server.

I have an ACL to encrypt matched traffic to one of the remote sites

access-list ezvpn extended permit ip 192.168.1.0 255.255.255.0 10.11.56.0 255.255.255.0

Can I add all my site subnets to this acl or do I have to create seperate acls for each site.

I have the following group

group-policy ezvpngrp internal

group-policy ezvpngrp attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value ezvpn

nem enable

tunnel-group sites type remote-access

tunnel-group sites general-attributes

authentication-server-group vpn

default-group-policy ezvpngrp

tunnel-group sites ipsec-attributes

pre-shared-key *

I can see the group matching my acl. Do I need seperate groups matching seperate acls or can I bundle all my remote site subnets into the one acl and use one group.

Thanks

Anthony

Labels:
0 Helpful
1 Reply 1

hadbou
Level 5
Level 5

‎03-18-2008 10:45 AM

IOS Easy VPN Remote Hardware Client to a PIX Easy VPN Server Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080241a0d.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card