ASA me2

Let's troubleshoot... We also do trainings .. Checkout our training page https://asame2.blogspot.com/p/we-also-deliver-trainings.html

Featured Post

How to generate a CSR on Cisco ASA using CLI? CSR- (Certificate signing request)

First thing we need is an RSA key pair:   crypto key generate rsa label SSL-Key modulus 1024 noconfirm Create a trust-point crypto ca...

Recent Comments

Recent Post

Monday 12 October 2015

EZVPN on routers

  October 12, 2015    


Server side:
=================

username ezvpn-spoke1 password cisco1

aaa authentication login USER_AAA local
aaa authentication login USERLIST local
aaa authorization network GROUP_AAA local

Create A pool:
====================
ip local pool VPN-POOL 10.1.1.1 10.1.1.10

Split ACL :

ip access-list extended SPLIT_T
permit ip 192.168.0.0 0.0.255.255 any

!--- IKE configuration
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2

!
crypto isakmp client configuration group VPN1
acl SPLIT_T
key cisco123
pool VPN-POOL
save-password

!--- IPSec configuration
!
crypto ipsec transform-set TRANSFORM-1 esp-3des esp-md5-hmac
!
! Create a dynamic map
crypto dynamic-map dynamap
set transform-set TRANSFORM-1
!
crypto map mymap client authentication list USER_AAA
crypto map mymap isakmp authorization list GROUP_AAA
crypto map mymap client configuration address respond
crypto map mymap 30000 ipsec-isakmp dynamic dynamap

on public interface
crypto map mymap


Client Side config:
=========================
!--- IPSec configuration
!
crypto ipsec client ezvpn VPN1
connect auto
group VPN1 key cisco123
mode client
peer 1.1.1.1
username ezvpn-spoke1 password cisco1


on private interface
crypto ipsec client ezvpn VPN1 inside

on public Interface:
====================
crypto ipsec client ezvpn VPN1













Ref:
http://www.cisco.com/c/en/us/td/docs/routers/access/1800/1841/software/configuration/guide/sw/ezvpn.html

  No Comments

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)