Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5520 EZVPN - Multiple Remote Sites

Hi,

I have an asa configured as an ezvpn server.

I have an ACL to encrypt matched traffic to one of the remote sites

access-list ezvpn extended permit ip 192.168.1.0 255.255.255.0 10.11.56.0 255.255.255.0

Can I add all my site subnets to this acl or do I have to create seperate acls for each site.

I have the following group

group-policy ezvpngrp internal

group-policy ezvpngrp attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value ezvpn

nem enable

tunnel-group sites type remote-access

tunnel-group sites general-attributes

authentication-server-group vpn

default-group-policy ezvpngrp

tunnel-group sites ipsec-attributes

pre-shared-key *

I can see the group matching my acl. Do I need seperate groups matching seperate acls or can I bundle all my remote site subnets into the one acl and use one group.

Thanks

Anthony

1 REPLY
Bronze

Re: ASA5520 EZVPN - Multiple Remote Sites

IOS Easy VPN Remote Hardware Client to a PIX Easy VPN Server Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080241a0d.shtml

238
Views
0
Helpful
1
Replies
CreatePlease to create content