Click New and enter a name for your new key pair (ex: VPN). Click Add and then Add a new identity certificate. Click on Certificate Management and then click on Identity Certificates. Click on Configuration at the top and then select Remote Access VPN. I'm working with an inside network, outside network and a DMZ using the ASDM and CLI. Here are the steps I followed to make it work for my environment. The last part allows your users to browse both the inside network and the internet. I'll describe what the wizard is looking for and go through the configuration steps. In my example I'm just going to use a self-signed certificate for testing, but you should really go to the third-party certificate authority to get an SSL certificate. The SSL certificate allows your users to connect to the inside network through an encrypted tunnel. 
There are basically four parts to this: setting up your SSL certificate, configuring the VPN, then setting up the proper NAT rules, and split-tunneling if you so desire. The ASA does offer a wizard, but the wizard doesn't actually cover everything you need to do and can sometimes be a bit confusing on what it's asking for.
I know I'm not the first to attempt writing a succinct guide to quickly setting up a virtual private network (VPN) using Cisco gear, but I'm hoping this guide will be a one stop shop (blog) on how it's done with an ASA 5505 that also allows users to connect to the internet.
0 kommentar(er)
