• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 655
  • Last Modified:

Cisco Site-to-Site VPN

Just a general question about setting up VPN on Cisco ASA5505.

I haven't setup Cisco vpn's in a long time so I am a little confused.by some of the resources on the internet.

So my question is this.

In my experience when we needed to setup a site-to-site vpn. The VPN pipe itself would be setup similar to a leased line or connection. Which mean having Ip address and routing statements for each end of the pipe.  

But the Cisco easyVPn setup or even the PIX VPN config's I've seen on Cisco site you don't need to do that anymore. Instead of using routing statement the pipes are automatically built and access-lists route the traffic through the pipes.

My question is whether the current method of setting up Site-to-Site VPN is the current standard or should i be looking into building the pipe with routing statements? (at this point my network isn't very complex and only involves 2 sites.)


0
shamanxia
Asked:
shamanxia
2 Solutions
 
vervenetworksCommented:
Using the ASDM, you can easily set a Site-2-Site VPN which is what you want.  It is wizard driven, so fairly easy to follow.  Make sure that the ACLs include an allow for each subnet to the other subnet/resource, and then a deny any any.  The wizard will take care of the NAT deny statements.
0
 
Pete LongTechnical ConsultantCommented:
use site to site vpns for sites with static ip addresses http://www.petenetlive.com/KB/Article/0000072.htm
if you have one site with a dynamically assigned ip address THEN use easyvpn http://www.petenetlive.com/KB/Article/0000337.htm

PeteNetLive
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now