Solved

Setting up VPN on ASA

Posted on 2011-02-13
2
481 Views
Last Modified: 2012-08-13
Experts,

I am looking to set up VPN on a Cisco ASA to allow for users to work remotely and access Mapped drives. Everything I have done,I still cannot connect correctly, or when I do I am not getting the Correct IP adresses. So I have undone everything that I have done, and I am now asking the Community for some help.

I would like for someone to give me all the Correct Commands for setting up AnyConnect

I would like to use the Following DHCP Ip addresses

10.8.1.200 / 10.8.1.250
Gateway is 10.8.1.254

Users would conect to outside IP address let say 95.100.43.1 (Fake of course)

I have local users already set up.
0
Comment
Question by:rperault
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 500 total points
ID: 34885675
Hi,

you need something this:

webvpn
enable outside
revert webvpn url-list SSL_Bookmarks
import webvpn url-list Bookmark disk0:/tmpAsdmImportFile148579927
delete /noconfirm disk0:/tmpAsdmImportFile148579927
webvpn
svc image disk0:/anyconnect-win-2.2.0136-k9.pkg 1
svc enable

ip local pool SSL_Pool 10.8.1.200-10.8.1.250 mask 255.255.255.0
group-policy SSL_Policy internal
group-policy SSL_Policy attributes
vpn-tunnel-protocol svc webvpn
webvpn
url-list value Bookmark
svc enable
configure terminal
tunnel-group SSL_Connection type remote-access
tunnel-group SSL_Connection general-attributes
default-group-policy SSL_Policy
address-pool SSL_Pool
webvpn
tunnel-group-list enable
tunnel-group SSL_Connection webvpn-attributes
group-alias AnyConnect enable


http://www.petenetlive.com/KB/Article/0000069.htm

If you have any problem, please provide us your config

Best Regards,
Istvan

0
 

Author Closing Comment

by:rperault
ID: 34897767
Thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 3650 switch licensing 6 73
Anyconnect landing page login failed 2 39
VOIP gateways - feedback 23 117
Cisco Edge Routers for BGP 6 113
If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
There are many useful and sometimes not well documented or forgotten IOS or ASA/PIX commands. See IPE article here , there was also one on PacketU and on Cisco Tips & Tricks. Below are my favorites. I give also a few most often used for Cisco IPS an…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question