Solved

Cisco Site-to-Site VPN

Posted on 2011-03-14
2
645 Views
Last Modified: 2012-05-11
Just a general question about setting up VPN on Cisco ASA5505.

I haven't setup Cisco vpn's in a long time so I am a little confused.by some of the resources on the internet.

So my question is this.

In my experience when we needed to setup a site-to-site vpn. The VPN pipe itself would be setup similar to a leased line or connection. Which mean having Ip address and routing statements for each end of the pipe.  

But the Cisco easyVPn setup or even the PIX VPN config's I've seen on Cisco site you don't need to do that anymore. Instead of using routing statement the pipes are automatically built and access-lists route the traffic through the pipes.

My question is whether the current method of setting up Site-to-Site VPN is the current standard or should i be looking into building the pipe with routing statements? (at this point my network isn't very complex and only involves 2 sites.)


0
Comment
Question by:shamanxia
2 Comments
 
LVL 3

Accepted Solution

by:
vervenetworks earned 250 total points
ID: 35132616
Using the ASDM, you can easily set a Site-2-Site VPN which is what you want.  It is wizard driven, so fairly easy to follow.  Make sure that the ACLs include an allow for each subnet to the other subnet/resource, and then a deny any any.  The wizard will take care of the NAT deny statements.
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 35132739
use site to site vpns for sites with static ip addresses http://www.petenetlive.com/KB/Article/0000072.htm
if you have one site with a dynamically assigned ip address THEN use easyvpn http://www.petenetlive.com/KB/Article/0000337.htm

PeteNetLive
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now