[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

ASA 5505 Security appliance VPN setup

Posted on 2007-11-19
4
Medium Priority
?
423 Views
Last Modified: 2012-05-05
I am trying to open the ports to allow VPN Access using the 2003 server in the ASA 5505 Security appliance setup. I would also like to open the ports to allow VNC access once connected to the VPN if necessary. I am a novice at configuring these devices but the Vpn was working and configured properly before installing this device with a netgear router. Our software company needed us to install this and i am having much trouble configuring it. Thanks.
0
Comment
Question by:Tblack716
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 28

Expert Comment

by:batry_boy
ID: 20317469
Please clarify your network topology a little bit...is the ASA on the outside or inside of the netgear router?  You mention wanting to "allow VPN access using the 2003 server in the ASA 5505 security appliance setup."  In what way do you want to use the 2003 server?  For authentication, or do you want a VPN user to be able to access the 2003 server for other things?  Can you clarify?
0
 

Author Comment

by:Tblack716
ID: 20317832
the netgear router was replaced by this device. The vpn was seup and working fine prior to rreplacing the router. The vpn user would need access to the sql server running on the 2003server in order to run a medical management software, as well as access to a network drive and authentication against the domain. I hope that helps not sure if that is all the info you need or not. P.S The software we are using is called E-MDS not sure if it matters or not. http://www.e-mds.com/
0
 
LVL 28

Accepted Solution

by:
batry_boy earned 2000 total points
ID: 20320041
First, I would go through the VPN Wizard to set up remote access VPN connectivity to the ASA.  It will step you through a series of screens and it will ask for specific information.  Just answer the questions.

You asked about allowing specific ports to the VPN users once you have that configured.  Well, by default, the ASA allows ALL ports to VPN users since it is an encrypted connection.  In other words, the ASA implicitly trusts VPN connections.  Therefore, you don't have to specifically open up certain ports for VPN users to do what you're wanting to do.

There will be one question in the VPN Wizard where it will ask you about authentication and whether to use the local database or not for user authentication.  It sounds like you will want to use extended authentication since you want to authenticate your users against AD.  See the following URL for info on authenticating VPN users against AD using IAS RADIUS:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml

That will get you started...
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question