3 & 4. Analyze functions of your VPN 3000 setup and make notes. Study and learn ASA VPN capabilities and how to implement them. Note new features available and make an informed decision about any you choose to use. Build VPN in your lab and confirm it works as desired. Transition to production use along with good communications to users about changes and how to understand them. How much really depends on how you are using the system and your users' comfort level with technology change.
Please follow the below mentioned steps to make your things simpler and you can gain more confident in doing it.
1) 1st collect the VPN settings what you have deployed in VPN concentrator.... have that information handy with you, which should include the access information for the vpn users.
2) ASA has different VPN options to do with IPSec RA / Anyconnect / L2L etc. You can choose the VPN option which you are planning to migrate.
3) If you have the spare public IP... then you can build the parallel setup using a new public ip and have the VPN setup created and test it end to end... then you can either migrate to the IP of the VPN concentrator or a new IP itself.
in ASA Conf t# vpnsetup ipsec-remote-access steps
will give you config example of ipsec RA... also you can find information for site to site, ssl vpn, l2tp vpn as well.... this will give you the simple information about VPN.... you can add the setup based on your requirement.... like 3rd party authentication.... etc as per your requirement.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...