Cisco Systems ASA 5500 manual Implementing the Remote-AccessScenario, Select VPN Clients

Chapter 7 Scenario: Remote-Access VPN Configuration

Implementing the Remote-Access Scenario

Implementing the Remote-Access Scenario

The following sections provide instructions for configuring the adaptive security appliance in a remote-access deployment, using example parameters from the remote-access scenario illustrated in Figure 7-1.

Information to Have Available

•Range of IP addresses to be used for an IP pool

•List of users to be used in creating a local authentication database, unless you will be using a AAA server for authentication

•Networking information to be used by remote clients, including:

–IP addresses for the Primary and secondary DNS servers

–IP addresses for the Primary and secondary WINS servers

–Default domain name

–List of IP addresses for local hosts, groups and networks that should be made accessible to authenticated remote clients

Configuring the Remote-Access VPN

The ASDM VPN Wizard enables you to configure the adaptive security appliance as a remote-access VPN headend device in a series of simple steps:

1.Configure the Adaptive Security Appliance for Remote-Access VPN.

2.Select VPN Clients.

3.Specify the VPN Tunnel Group Name and Authentication Method.

4.Specify a User Authentication Method.

5.Configure User Accounts (optional).

6.Configure Address Pools.

7.Configure Client Attributes.

8.Configure the IKE Policy.

9.Configure IPSec Encryption and Authentication parameters.