I have a few external clients that need to access the internal file servers and want to use the Cisco VPN to accomplish this. I'm somewhat of a newbie and was hoping there was a detailed tutorial out there to get this setup or some other information someone could share for this soution. I'm not using AAA servers, and would like to use the IPSec route. Any help would be greatly appreciate.
Jay, thanks for the response and yes that will help. I already have 3 IPSec connection with external clients using a VPN concentrator on their end. Will setting up the configuration in the above doc affect those in any way?
What you would want to really be concerned with in the above example, is the crypto map statement that refers to the dynamic crypto map set. You will want this one (for end user clients) to be set to the lowest priority, so the highest number (i think the max number is 65k, or some such) of all of your crypto map statements to ensure that your site to site ipsec tunnels do not try to negotiate the parameters that you will be using for end user vpn access (as they might require username and password auth, and other features the other end is not configured to do).
mostiguy, Thanks for your response. I'm almost there. Inbetween the PIX and my internal network I have a 3640 and there are several networks I want to be able to access on the other side of the 3640. Do I need any special routes configured on the PIX or 3640 if I want to be able to access files on the internal LAN? Thanks!!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...