Remote access VPN in ASA

Unanswered Question
Apr 25th, 2012
User Badges:

Hi Experts,


We have a ASA 5505 in our enviroment. We already configures two site 2 site VPN to our branch offices. Now we are planning to configure remote access VPN. So what should be consider when configuring the remote access VPN in ASA which already having site to site VPN?


Regards,

Ejaz

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
rizwanr74 Wed, 04/25/2012 - 11:33
User Badges:
  • Gold, 750 points or more

Hi Ejaz,


When you create ip-addresses for remote access pool, please make sure, it does not overlap with your inside network or dmz as I have seen there are plenty of people making such a mistake.


what version of ASA you are using?


thanks

Ejaz Ahmed Wed, 04/25/2012 - 11:44
User Badges:

Hi Rizwan,


Thank you for the responce. My ASA is 5505 software version 7.2 (4)


Regards,

Ejaz

rizwanr74 Wed, 04/25/2012 - 11:54
User Badges:
  • Gold, 750 points or more

I included for you, Cisco documentation for RA vpn on ASA, so please see the attached.


if you have L3 switch inside your network, where your ASA is connected, please make sure, that you have a static route in place to push your remote vpn-pool network segment to FW's inside interface.


thanks

Ejaz Ahmed Wed, 04/25/2012 - 12:02
User Badges:

Hi Rizwan,


Thank you again for the response. We have l2 switch inside ou network.

Could please send me the RA vpn configuration with radius server ?


Will this configuration affect the existing site to site VPN ?


Regards,

Ejaz

rizwanr74 Wed, 04/25/2012 - 12:13
User Badges:
  • Gold, 750 points or more

Please see attached for radius based authentication.


"Will this configuration affect the existing site to site VPN ?" 


No, but be consistance with crypto names your have alread created for existing L2L tunnels with new index number "crypto map mymap"

Thanks

Rizwan Rafeek

rizwanr74 Wed, 04/25/2012 - 12:33
User Badges:
  • Gold, 750 points or more

check your private message.


thanks

Ejaz Ahmed Sun, 05/06/2012 - 11:42
User Badges:

Hi Rizwan,


I have configured the Remote Access VPN in my ASA. When I try to connect it showing an error like this


"Secure remote connection terminated by peer.

Reason 433:(Reason Not specified by peer)'


Regards,

Ejaz

rizwanr74 Sun, 05/06/2012 - 12:19
User Badges:
  • Gold, 750 points or more

Please post your config.


thanks

Actions

This Discussion