Cisco ASA Firewall Remote Access IPSec VPN Basic Configuration
Cisco #ASA Firewall #Remote Access #IPSec #VPN Basic Configuration
ip local pool RemoteAccessVPN_Pool 192.168.99.1-192.168.99.254 mask 255.255.255.0
object network RemoteAccessVPN
subnet 192.168.99.0 255.255.255.0
access-list RemoteAccessVPN_Split_Tunnel_ACL standard permit 10.254.10.0 255.255.255.0
access-list RemoteAccessVPN_Split_Tunnel_ACL standard permit 10.254.11.0 255.255.255.0
nat (SERVER,Outside) source static any any destination static RemoteAccessVPN RemoteAccessVPN no-proxy-arp route-lookup
nat (WORKSTATION,Outside) source static any any destination static RemoteAccessVPN RemoteAccessVPN no-proxy-arp route-lookup
crypto ipsec ikev1 transform-set RemoteAccess_VPN_Crypto_TransformSet esp-3des esp-md5-hmac
crypto dynamic-map Outside_Crypt_Map 20 set ikev1 transform-set RemoteAccess_VPN_Crypto_TransformSet
crypto map Outside_Crypto_Map 10 ipsec-isakmp dynamic Outside_Crypt_Map
crypto map Outside_Crypto_Map interface Outside
crypto ikev1 enable Outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
group-policy GroupPolicy_RemoteAccessVPN internal
group-policy GroupPolicy_RemoteAccessVPN attributes
dns-server value 8.8.8.8 8.8.4.4
split-tunnel-policy tunnelspecified
split-tunnel-network-list value RemoteAccessVPN_Split_Tunnel_ACL
default-domain value obeyitspearo.local
address-pools value RemoteAccessVPN_Pool
tunnel-group RemoteAccessVPN_ObeyITSpearo type remote-access
tunnel-group RemoteAccessVPN_ObeyITSpearo general-attributes
default-group-policy GroupPolicy_RemoteAccessVPN
tunnel-group RemoteAccessVPN_ObeyITSpearo ipsec-attributes
ikev1 pre-shared-key *****
username raobeyit password ***** privilege 0
username raobeyit attributes
vpn-group-policy GroupPolicy_RemoteAccessVPN
by ObeyITSpearo
simple network management protocol
