08-01-2012 06:21 AM
Afternoon all,
We have a cisco 800 in a remote site which we wanted to use for a site to site vpn. I thought this would be simple as i have setup ipsec and ssl vpn's before on ASA's without any issues. This has gone so wrong that i think its best just to start again. The senario is this:
We have a remote cisco 800 which has a LAN network of 172.20.224.0/20. Right now all the 800 is doing is DSL authentication and letting all traffic out. Ther server network sits behind an ASA 5505 and has an ip of 192.168.168.0/24. What i was hoping to get was a vpn tunnel that would say up permanently routing traffic to the server LAN. What i would like is a simple config to put on the 800 and 5505 just to get it working. I am sure its easy but i have just been looking at it too long. Any help would be much appricaited.
Graham
08-01-2012 07:00 AM
It is certainly quite doable but can be a bit tricky if you haven't done it before.
I suggest using Cisco Configuration Professional (CCP - free tool) on the router end and the ASDM VPN Wizard on the ASA end. Those respective GUIs will step you through the setup to get things running.
08-01-2012 08:22 AM
marvin,
Thanks for the reply. I was actually using these tools to try and configure it before without any success. I have ran through the wizards again. How can i make this a constant vpn session and not one that is intiated through traffic?
08-01-2012 08:42 AM
IPsec VPNs always have the requirement for "interesting traffic" to bring up (and, at the time of tunnel exppiration, renew) a VPN.
If you want to keep it up in the absence of end user traffic you can potentially setup a script using IPSLA to send a ping every n seconds.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide