EASY VPN

mohamed fayz · ‎11-21-2013

Hai,

one of my customer is having an easy vpn setup, in which his router is acting as a Easy VPN server and 2 branch routers are connected to it as a easy vpn client.

Now, i need to change the customer EASY VPN Server router and all the vpn should terminate in firewall. Please guide!!!

Marius Gunnerud · ‎11-21-2013

Hi, The following is an example of how you can configure EazyVPN on an ASA5500 
firewall that is running verison 9.0 or higher.  This link is for EazyVPN 
configuration between ASA version 7.x and a cisco 871. There might be some 
differences in the configuration from the 9.0 but for the most part it should 
be correct.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_
example09186a0080809222.shtml
object network HQ-LAN
subnet  

object network SPOKE-LAN
subnet  

nat (inside,outside) source static HQ-LAN HQ-LAN destination static SPOKE-LAN 
SPOKE-LAN


crypto ikev1 policy 1
authentication pre-share
hash sha
encryption aes
group 2


crypto ipsec ikev1 transform-set mySET esp-des esp-md5-hmac 
crypto dynamic-map myDYN-MAP 5 set ikev1 transform-set mySET 
crypto map myMAP 60 ipsec-isakmp dynamic myDYN-MAP 
crypto map myMAP interface outside

group-policy myGROUP internal

split-tunnel-policy tunnelall
tunnel-group DefaultRAGroup general-attributes  
default-group-policy myGROUP  

tunnel-group DefaultRAGroup ipsec-attributes  
pre-shared-key

--

Please rate all helpful posts.

--
Please remember to select a correct answer and rate helpful posts