Posted on 2009-12-28
Medium Priority
Last Modified: 2012-05-08
Hi ,

Can any one advice on any standard template for creating VPN in ASA 5540?

Please provide step and step procedure.

Question by:phoenix26
  • 2
LVL 16

Expert Comment

ID: 26136265

use the following configuration running with me:

access-list VPN standard permit

access-list cisco_splitTunnelAcl standard permit any

access-list inside_nat0_outbound extended permit ip any

ip local pool POOL mask

crypto ipsec transform-set transet esp-des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dynmap 10 set transform-set transet
crypto map cryptomap 10 ipsec-isakmp dynamic dynmap
crypto map cryptomap interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
no crypto isakmp nat-traversal

group-policy NAME internal
group-policy NAME attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN
username your.name password password encrypted privilege 0
username your.name attributes
 vpn-group-policy NAME
 service-type remote-access

tunnel-group NAME type remote-access
tunnel-group NAME general-attributes
 address-pool POOL
 default-group-policy NAME
tunnel-group NAME ipsec-attributes
 pre-shared-key your.key


Author Comment

ID: 26136428

Please advice what type of vpn is this?

Kindly eloborate as iam new to vpns.

LVL 16

Accepted Solution

memo_tnt earned 2000 total points
ID: 26136440
remote access VPN through IPsec
you need a cisco VPN client to connect


Expert Comment

ID: 33266074
is this the ip address of the outside interface?

access-list VPN standard permit

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Course of the Month16 days, 23 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question