Step By Step Guide To Setup Remote Access VPN In Cisco ASA5500 Firewall With Cisco ASDM
1. Check Cisco firewall ASA version
Make sure you are running ASA 8.2.2 or later. Windows clients cannot connect to ASA 8.2.1 because of a Cisco software bug.
2. Start Cisco firewall IPsec VPN Wizard
Log in to the ASDM of your Cisco ASA5500 firewall, go to Wizard > IPsec VPN Wizard ..., and follow the screens.
2.1 In "VPN Tunnel Type", choose "Remote Access"
From the drop-down list, choose "Outside" as the enabled interface for the incoming VPN tunnels.
Keep this box checked: "Enable inbound IPSec sessions to bypass interface access lists. Group policy and per-user authorization access lists still apply to the traffic."
2.2 In Remote Access Client, Check "Microsoft Windows client using L2TP over IPSec"
Check "MS-CHAP-V1" and "MS-CHAP-V2" as PPP authentication protocol.
2.3 Choose "Pre-shared Key" for VPN Client Authentication Method
Pre-shared key must be the same for the firewall and client side.
2.4 Authenticate remote users using local device user database
2.5 Add new user into the user authentication database
You will use this username and password to connect in the client side.
2.6 Add address pool
Create a pool of local addresses to be used for assigning dynamic IP addresses to remote VPN clients.
You can use 10.10.20.240 to 10.10.20.249 (this may depend on your internal network).
2.7 Leave empty for attributes pushed to the client
2.8 Default for IKE Policy
3DES encryption & SHA authentication and Diffie Hellman Group 2.
2.9 Default for IPSec Settings
Uncheck "Enable split channeling ..." and uncheck "Perfect Forwarding Secrecy (PFS)".
2.10 Verify the summary information and click the "Finish" button
3. Add Transform Set
Go to Configuration > Remote Access VPN > Network (Client) Access > Advanced > IPSec > Crypto Maps.
Edit the IPSec rules, add "TRANS_ESP_3DES_SHA", and click the "OK" button.
Save the running configuration to flash, and you are done.
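As an added example (not part of the original guide and not Cisco tooling), the Python check below scans a saved running-config for the settings this walk-through selects: 3DES, Diffie-Hellman group 2, the pre-shared key, MS-CHAP-V1 and disabled PFS. The sample configuration is constructed, and names such as `vpnpool`, `outside_dyn_map` and `DefaultRAGroup` are assumptions about what the wizard generates.

```python
import re

# Constructed sample: running-config lines of the kind the wizard choices above
# produce on ASA 8.2 (object names here are assumptions, not taken from the page).
SAMPLE_CONFIG = """\
ip local pool vpnpool 10.10.20.240-10.10.20.249 mask 255.255.255.0
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto dynamic-map outside_dyn_map 10 set transform-set TRANS_ESP_3DES_SHA
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v1
 authentication ms-chap-v2
"""

# (finding id, regex applied to each config line, why a reviewer would flag it)
CHECKS = [
    ("ike-3des", r"^\s*encryption 3des\b", "IKE policy uses 3DES"),
    ("ike-dh-group2", r"^\s*group 2\b", "IKE policy uses 1024-bit DH group 2"),
    ("ike-psk", r"^\s*authentication pre-share\b", "one pre-shared key for every client"),
    ("esp-3des", r"^crypto ipsec transform-set \S+ .*\besp-3des\b", "ESP uses 3DES"),
    ("ppp-mschapv1", r"^\s*authentication ms-chap-v1\b", "MS-CHAP-V1 is enabled"),
]

def audit(config: str) -> list[tuple[str, int, str]]:
    """Return (finding id, line number, reason) for each flagged config line."""
    findings = []
    for lineno, line in enumerate(config.splitlines(), start=1):
        for fid, pattern, reason in CHECKS:
            if re.search(pattern, line):
                findings.append((fid, lineno, reason))
    # PFS is off when no crypto map entry carries "set pfs" (line number 0 = absent).
    if not re.search(r"^crypto (dynamic-)?map .* set pfs\b", config, re.M):
        findings.append(("no-pfs", 0, "no crypto map entry sets PFS"))
    return findings

if __name__ == "__main__":
    for fid, lineno, reason in audit(SAMPLE_CONFIG):
        print(f"{fid:14} line {lineno:2}  {reason}")
```

Run it against the output of `show running-config` saved to a file by passing the file's text to `audit()`; the matching is line-based and does not track which policy or tunnel group a line belongs to.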