Posted on 2009-12-28
Last Modified: 2012-05-08
Hi,

Can anyone advise on any standard template for creating a VPN on an ASA 5540?

Please provide a step-by-step procedure.

Question by: phoenix26

    Expert Comment


    Use the following configuration, which is running for me:

    access-list VPN standard permit

    access-list cisco_splitTunnelAcl standard permit any

    access-list inside_nat0_outbound extended permit ip any

    ip local pool POOL mask

    crypto ipsec transform-set transet esp-des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map dynmap 10 set transform-set transet
    crypto map cryptomap 10 ipsec-isakmp dynamic dynmap
    crypto map cryptomap interface outside
    crypto isakmp identity address
    crypto isakmp enable outside
    crypto isakmp policy 10
     authentication pre-share
     encryption des
     hash md5
     group 2
     lifetime 86400
    no crypto isakmp nat-traversal

    group-policy NAME internal
    group-policy NAME attributes
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value VPN
    username password password encrypted privilege 0
    username attributes
     vpn-group-policy NAME
     service-type remote-access

    tunnel-group NAME type remote-access
    tunnel-group NAME general-attributes
     address-pool POOL
     default-group-policy NAME
    tunnel-group NAME ipsec-attributes
     pre-shared-key your.key
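
An added example, not part of the expert's post or any Cisco tooling: the posted configuration negotiates DES, MD5 and Diffie-Hellman group 2, all of which are deprecated, and this Python check flags such settings in an ASA configuration before it is deployed. The function name and the lists of what counts as weak are assumptions of this example; the sample input is copied from the crypto lines above.

```python
# Assumption of this example: which settings count as weak (not stated on the page).
WEAK_ALGOS = {
    "des": "single DES, 56-bit key",
    "esp-des": "single DES, 56-bit key",
    "md5": "MD5 hash",
    "esp-md5-hmac": "HMAC-MD5 integrity",
}
WEAK_DH_GROUPS = {"1": "768-bit MODP", "2": "1024-bit MODP"}

def audit_asa_crypto(config):
    """Return a list of (line_number, setting, reason) for weak IKE/IPsec settings."""
    findings = []
    in_ike_policy = False
    for number, raw in enumerate(config.splitlines(), 1):
        words = raw.split()
        if not words:
            continue
        if not raw[0].isspace():
            # A top-level command closes any open sub-mode.
            in_ike_policy = words[:3] == ["crypto", "isakmp", "policy"]
            if words[:3] == ["crypto", "ipsec", "transform-set"]:
                # words[3] is the set name; the rest are the transforms.
                for transform in words[4:]:
                    if transform in WEAK_ALGOS:
                        findings.append((number, transform, WEAK_ALGOS[transform]))
        elif in_ike_policy and len(words) >= 2:
            keyword, value = words[0], words[1]
            if keyword in ("encryption", "hash") and value in WEAK_ALGOS:
                findings.append((number, f"{keyword} {value}", WEAK_ALGOS[value]))
            elif keyword == "group" and value in WEAK_DH_GROUPS:
                findings.append((number, f"group {value}", WEAK_DH_GROUPS[value]))
    return findings

# Crypto lines copied from the configuration posted above.
SAMPLE = """\
crypto ipsec transform-set transet esp-des esp-md5-hmac
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
"""

if __name__ == "__main__":
    for number, setting, reason in audit_asa_crypto(SAMPLE):
        print(f"line {number}: {setting}: {reason}")
```

An empty result means none of the listed weak settings were found; it does not validate the rest of the VPN configuration.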


    Author Comment


    Please advise what type of VPN this is?

    Kindly elaborate, as I am new to VPNs.


    Accepted Solution

    Remote access VPN through IPsec.
    You need a Cisco VPN client to connect.


    Expert Comment

    Is this the IP address of the outside interface?

    access-list VPN standard permit
