Cisco VPN IPSEC Simple configuration example


 

 

The bellow section will guide you step by step trough configuring and administering a simple Cisco VPN IPSEC installation including common configurations like :

  1. Logging in to the Device using ASDM
  2. Start the IPSEC vpn wizard from the menu
  3. Create a VPN tunnel using that wizard
  4. Create the VPN client profile connection using the above mentioned profile parameters
  5. Test the VPN connection using an external link like 3g or ADSL connection

 

Initial Configuration


 

Prerequisites:

  1. To successfuly achieve the bellow configurations you will need to have a Cisco ASA any model
  2. You will need an IPSEC or security plus licence on the device in order for you to be able to create the VPN connection
  3. Also you will need a Graphical User Interface to connect to the device in order to manage it
  4. Also you will need at some stage to connect to the device via SSH to enable the advanced management and troubleshooting commands

 

 

Firstly you will to login to the Cisco ASA device using the ASDM interface.The bellow print screen is a sample of an actual prompt of the ASDM launcher

 

Upon login you need to access the VPN Ipsec wizard menu and you will have to select the remote access option and click next

Cisco-vpn-ipsec-configuration-example

After that select the next step which outlines what client access you will be enabling

 

 

Cisco-vpn-ipsec-configuration-example

 

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

After Establishing a Serial connection a network cable needs to be plugged into the Cisco VPN IPSEC as well as a serial console connection altogether it should look like that

 

 

Cisco-vpn-ipsec-configuration-example

The next step would be to submit all the setings to the ASA and write the configuration to memory

 

 

After that you need to configure the client side using the latest vpn client that can be downloaded here.After successful installation click on new vpn connection entry as bellow and proceed on configuring the parameters as needed

 

 

Cisco-vpn-ipsec-configuration-example

  1. Connection entry refers to the name of the vpn connection it can be anything useful to identify the network you are connecting to.
  2. The hostname or ip address is the ip address of the external interface of the firewall
  3. Group settings referes to the name of the tunnel group created above namely support
  4. Password would be the shared secret used to create the vpn entry above sZ--iv=$P2no/N2.

 

This completes the initial configuration of the cisco asa ipsec vpn tunnel .Like any good thing of course it may need some tunning and tweaking in order to make it better.Dont be afraid to experiment a little yourself just make sure you can reverse any of the configurations done so that you dont break any live configured VPN tunnels that may exist on the device.

 

Recommended Reading


 

  1. Cisco ACS Best Practices document
  2. Cisco ASA Best Practices and Security Hardening Document.
  3. Cisco-vpn-ipsec-configuration-examples
  4. Cisco-ids-ips-aip-idsm-configuration-examples
  5. Detailed Cisco ACS 5.2 installation and configuration example with print screens

Share The Link And Enjoy Thanks !

 

If you require assistance in configuring maintaining or migrating your current Cisco VPN IPSEC installation please contact us here