Step By Step Guide To Setup Remote Access VPN In Cisco ASA5500 Firewall With Cisco ASDM

1. Check Cisco firewall ASA version

Make sure you have ASA 8.2.2 and up. You cannot connect your Windows clients if you have ASA 8.2.1 because of the Cisco software bug.

2. Start Cisco firewall IPsec VPN Wizard

Login to your Cisco firewall ASA5500 ASDM and go to Wizard > IPsec VPN Wizard ... and follow up the screens.

2.1 In "VPN Tunnel Type", choose "Remote Access"

From the drop-down list, choose "Outside" as the enabled interface for the incoming VPN tunnels. Keep the box checked,"Enable inbound IPSec sessions to bypass interface access lists. Group policy and per-user authorization access lists still apply to the traffic."

2.2 In Remote Access Client, Check "Microsoft Windows client using L2TP over IPSec"

Check "MS-CHAP-V1" and "MS-CHAP-V2" as PPP authentication protocol.

2.3 Choose "Pre-shared Key" for VPN Client Authentication Method

Pre-shared key must be the same for the firewall and client side.

2.4 Authenticate remote users using local device user database

2.5 Add new user into the user authentication database

You will use this username and password to connect in the client side.

2.6 Add address pool

Create a pool of local addresses to be used for assigning dynamic IP addresses to remote VPN clients. You can use to (may depends on your internal network).

2.7 Leave empty for attributes pushed to the client

2.8 Default for IKE Policy

3DES encryption & SHA authentication and Diffie Hellman Group 2.

2.9 Default for IPSec Settings

Uncheck "Enable split channeling ..." and uncheck "Perfect Forwarding Secrecy(PFS)"

2.10 Verify the summary information and click "Finish" button

3. Add Transform Set

Go to Configuration > Remote Access VPN > Network (Client) Access > Advanced > IPSec > Crypto Maps. Edit the IPSec rules and add "TRANS_ESP_3DES_SHA" and click "Ok" button.

Save the running configuration to flash and all done.

Other Resources

  1. L2TP Over IPsec Between Windows 2000/XP PC and PIX/ASA 7.2 Using Pre-shared Key Configuration Example
  2. How to configure an L2TP/IPSec connection by using Preshared Key Authentication
  3. Step By Step Guide To Setup Windows 7/Vista VPN Client to Remote Access Cisco ASA5500 Firewall
  4. Step By Step Guide To Setup Windows XP/2000 VPN Client to Remote Access Cisco ASA5500 Firewall


Other Knowledgebase Articles

Basic Windows Hosting

# of Domains: 4
# of SQL Server Databases: 4
Disk Space: 50GB
Bandwidth: Unmetered
SQL Server 2016
Monthly: $4.99
More Information About Free Shared Windows Hosting Plan

Express Hyper-V Hosting

Dedicated Memory:2GB
Disk Space: 120GB
Bandwidth: Unmetered
Windows 2016/2012: Free
Monthly: $11.99
More Information About Express Windows Hyper-V Server

Dedicated Windows Server

CPU: Quad-Core X3440 CPU
Disk: 2x120GB SSD + 300GB SATA
Bandwidth: Unmetered
Windows 2016/2012: Free
Monthly: $79.00
More Information About Dedicated Windows Server with SSD
Kubernetes Hosting | Windows VPS Hosting | SQL Server Hosting | ASP.NET Hosting | Windows Hyper-V Hosting | Dedicated SQL Server Hosting | Dedicated Windows Hosting | DNN Hosting
Cloud Application Hosting | MongoDB Hosting | CockroachDB Hosting | MySQL Hosting | MariaDB Hosting | Wordpress Hosting | Magento Hosting | Drupal Hosting | PostgreSQL Hosting | OpenCart Hosting | Redis Hosting | SQL Server Cloud Hosting