We are using a cisco vpn 3030 concentrator. 8 Groups are required. In the first step we use pre-shared key instead of certificates. But we want to have the most options for extensions which may be required in future. How should we start?
A) One tunnel-group for all groups?
B) One tunnel-group per group (lock user to tunnel-group)?
C) Groups are defined on the concentrator and users are authenticated via RADIUS?
D) Groups and users are defined on the RADIUS Server?
I would prefer A in combination with C, but I am not sure. Maybe there is a better way of getting started?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...