Right now for a pilot project, I need to get 1 public IP to VPN into our network. We already have a VPN network setup for the Cisco AnyConnect and it has an IP pool of Class C addresses that are allowed to connect to our resources on the Class A network.
The public IP is on a G4 capable device, and right now, I only need to connect the device to get into our network. I would like it to be similar to our AnyConnect setup. However, do I have to map it to the existing VPN pool, or do I make a totally different VPN pool? The pool is actually a /24, but the addresses are set up only from 64-254, which only allows 190 simultaneous clients. I'm sure that there are no more than 10-20 simultaneous connections at any given time or slightly more. But not the entire 190.
Also, do all the VPNs have to share the same ISAKMP policy?
You can use the same VPN pool in multiple connection profiles or tunnel groups without any restriction; the only concern is to have enough IP addresses available.
The IPSec client and the ASA will negotiate the IKE parameters during the phase 1 negotiation. Just make sure you have matching IKE parameters.
Let me know if you need more clarification or if you have more questions.
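An added configuration example, not part of the original thread: two remote-access tunnel groups drawing from one address pool, with the phase 1 policies defined once for the whole ASA. It assumes ASA 8.4 or later syntax (`crypto ikev1`; older releases use `crypto isakmp`); the names `VPN_POOL`, `ANYCONNECT_USERS` and `PILOT_IPSEC`, the interface name `outside`, the 192.168.50.0/24 addresses and the policy values are all constructed for illustration.

```cisco
! One pool, defined once (constructed addresses; range mirrors the 64-254 layout)
ip local pool VPN_POOL 192.168.50.64-192.168.50.254 mask 255.255.255.0
!
! Existing AnyConnect profile (hypothetical name) uses the pool
tunnel-group ANYCONNECT_USERS type remote-access
tunnel-group ANYCONNECT_USERS general-attributes
 address-pool VPN_POOL
!
! New pilot profile (hypothetical name) references the same pool
tunnel-group PILOT_IPSEC type remote-access
tunnel-group PILOT_IPSEC general-attributes
 address-pool VPN_POOL
tunnel-group PILOT_IPSEC ipsec-attributes
 ikev1 pre-shared-key <PRE-SHARED-KEY-PLACEHOLDER>
!
! IKE phase 1 policies are global, not attached to a tunnel group.
! The ASA compares the client's proposals against these in priority
! order (lowest number first) and uses the first one that matches.
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-256
 hash sha
 ! Available DH groups depend on the ASA release; use the strongest
 ! group that both the ASA and the client support.
 group 5
 lifetime 86400
crypto ikev1 policy 20
 authentication rsa-sig
 encryption aes
 hash sha
 group 5
 lifetime 86400
crypto ikev1 enable outside
!
! Checks after the pilot device connects:
!   show ip local pool VPN_POOL    (addresses in use vs. free)
!   show vpn-sessiondb summary     (sessions per VPN type)
!   show crypto ikev1 sa           (phase 1 state for the peer)
```

The pilot device does not need its own policy entry if one of the existing entries already matches what it proposes; add a new priority number only when none does.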