Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
885
Views
0
Helpful
6
Replies

VPN Newbie Which Client?

llamaw0rksE
Level 1
Level 1

‎04-06-2012 08:28 AM

What I have:

-ASA 5505 basic license  8.43 and ADSM, 

-need for one external user to have full access to the inside network.  Users home IP is dynamic and travels a lot as well (windows OS)

-disk from IT containing the following bit and pieces

( anyconnect-EnableFIPs-win-3.0.5080 / anyconnect macosx-i386-2.5.3055-k9.pkg / zipfile named anyconnect-win-vpnapi-2.5.3055 / vpnclient-win-msi-5.0.07.0410-k9 / asa843-k8 / asdm-647 / c3750-ipbasek9-mz.122-55.SE5 / c3750-ipservicek9-mz.122-55.SE5 )

( the zip file created folder with subfolders: examples, include, lib and a bunch of files doxygen, apis etc...... )

Questions:

(1) What are my options given the above for the external user??

(2) Currently I administer ASA via adsm https or ssh.  I would like to administer via an Ipsec to Ipsec tunnel from a zyxel USG 100.

-Is it possible to administer the ASA via a VPN tunnel to the router (not to any specific inside or dmz interface)?

-If so, do I tunnel and use https and ssh through the tunnel?

Labels:
0 Helpful
6 Replies 6

andrew.prince
Level 10
Level 10

‎04-07-2012 01:37 AM

Alex,

This question at this time is academic - do you have a license for VPN users???? How many VPN Peers does your current license contain??

To answer your other questions:-

1) This is based on your license

2)

     a) Yes

     b) Yes

HTH>

0 Helpful

llamaw0rksE
Level 1
Level 1
In response to andrew.prince

‎04-07-2012 04:46 AM

Yes I have a license which has something like two SSL VPN users and 10 ipsec users. (basic).  i have attached a jpeg fromthe license page for detail............

0 Helpful

andrew.prince
Level 10
Level 10
In response to llamaw0rksE

‎04-07-2012 07:00 AM

Vpnclient-win & AnyConnect-win & client less spl VPN.

hth

0 Helpful

llamaw0rksE
Level 1
Level 1
In response to andrew.prince

‎04-07-2012 11:36 AM

By anyconnect-win... does this include the variation where you need to download the .pkg file and the router pushes it to the client.  ???

For the ipsec to ipsec connection from me the admin to the asa itself (and not to the inside lan),  what do I put for interfaces or local stuff on the asa side (as I am not identifying a subnet I want to access ??)

0 Helpful

andrew.prince
Level 10
Level 10
In response to llamaw0rksE

‎04-07-2012 12:26 PM

The .pkg will install on the remote end computer.  With the "win" in the name - the remote end must be a Windows OS.

Read the below link - it has configuration examples that answer all your questions.

http://www.cisco.com/en/US/customer/products/ps6120/prod_configuration_examples_list.html

HTH>

0 Helpful

llamaw0rksE
Level 1
Level 1
In response to andrew.prince

‎04-07-2012 02:06 PM

hmm that link doesnt open for me?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents