9-3
Cisco ASA 5500 Series Getting Started Guide
78-19186-01
Chapter 9 Scenario: IPsec Remote-Access VPN Configuration
Implementing the IPsec Remote-Access VPN Scenario
•
(Optional) Configuring User Accounts, page 9-9
•
Configuring Address Pools, page 9-10
•
Configuring Client Attributes, page 9-11
•
Configuring the IKE Policy, page 9-12
•
Specifying Address Translation Exception and Split Tunneling, page 9-14
•
Specifying Address Translation Exception and Split Tunneling, page 9-14
•
Verifying the Remote-Access VPN Configuration, page 9-16
Information to Have Available
Before you begin configuring the adaptive security appliance to accept remote
access IPsec VPN connections, make sure that you have the following information
available:
•
Range of IP addresses to be used in an IP pool. These addresses are assigned
to remote VPN clients as they are successfully connected.
•
List of users to be used in creating a local authentication database, unless you
are using a AAA server for authentication.
•
Networking information to be used by remote clients when connecting to the
VPN, including the following:
–
IP addresses for the primary and secondary DNS servers
–
IP addresses for the primary and secondary WINS servers
–
Default domain name
–
List of IP addresses for local hosts, groups, and networks that should be
made accessible to authenticated remote clients
Configuring an IPsec Remote-Access VPN
To configure a remote-access VPN, perform the following steps:
Step 1
In the main ASDM window, choose
IPsec VPN Wizard
from the Wizards
drop-down menu. The VPN Wizard Step 1 screen appears.