ASA me2

Let's troubleshoot... We also do trainings .. Checkout our training page https://asame2.blogspot.com/p/we-also-deliver-trainings.html

Featured Post

How to generate a CSR on Cisco ASA using CLI? CSR- (Certificate signing request)

First thing we need is an RSA key pair:   crypto key generate rsa label SSL-Key modulus 1024 noconfirm Create a trust-point crypto ca...

Recent Comments

Recent Post

Tuesday, 6 October 2015

VTI - DVTI cofig for VPN client

  October 06, 2015    


crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 5
!
!Create a pool: ip local pool ippool 192.168.1.1 192.168.1.2
!
!Split ACL:
!
access-list 101 permit ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
!
!Create isakmp group:
!================
crypto isakmp client configuration group cisco
key cisco
acl 101
pool ippool
!
aaa authentication login methodlist1 local aaa authorization network methodlist2 local
!
!Create IPSec policies:
!================
crypto ipsec transform-set MYSET esp-3des esp-sha-hmac
!
!Create ISAKMP profile and associate ISAKMP group with it:
!============================================
crypto isakmp profile myprofile
match identity group cisco
client authentication list methodlist1
isakmp authorization list methodlist2
client configuration address respond
virtual-template 1
!
!Create IPSec profile and associate isakmp profile:
!=================================================
crypto ipsec profile cisco
set isakmp-profile myprofile
set transform-set MYSET
!!
!Create a virtual Template:
!==============================================
interface Virtual-Template 1 type tunnel
ip unnumbered <egress interface>
tunnel source <egress interface>
tunnel mode ipsec ipv4
tunnel protection ipsec profile myprofile



  No Comments

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)