Cisco ASA 5510 for VPN connection from remote siteusing Cisco Router 2620

I am using Cisco ASA 5510 for VPN connection and from remote site I am using Cisco Router 2620 for a remote VPN connection as a client VPN with ASA.
I have problem with remote site that every time if my Cisco Router 2620 restart it will not establish VPN connection direct but  it will go to VPN authentication screen so someone need to login to that router and enter these credentials then it will build a VPN client connection with ASA 5510.
Some Running Configuration from my remote site client router if you need any configuration to better understand my question please let me know. Waiting for your helpful answers.

ae-auh-wv-rt02#show running-config
Building configuration...

Current configuration : 4861 bytes
!
! Last configuration change at 10:54:23 UTC Mon Dec 12 2011 by admin
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ae-auh-wv-rt02
!
boot-start-marker
boot system flash:c2801-advsecurityk9-mz.151-3.T2.bin
boot-end-marker
!
!
enable secret 5 $1$srqW$HXkpz.5QyKdzbiOL5FAhT0
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
ip domain name yourdomain.com
ip name-server 192.168.1.2
ip name-server 192.168.2.250
ip multicast-routing
ip ips notify SDEE
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint test_trustpoint_config_created_for_sdm
 subject-name e=sdmtest@sdmtest.com
 revocation-check crl
!
!
!
!
license udi pid CISCO2801 sn FHK1428F2RV
archive
 


!
redundancy
!
!
!
class-map match-any sdm_p2p_kazaa
 match protocol fasttrack
 match protocol kazaa2
class-map match-any sdm_p2p_edonkey
 match protocol edonkey
class-map match-any sdm_p2p_gnutella
 match protocol gnutella
class-map match-any sdm_p2p_bittorrent
 match protocol bittorrent
!
!
!
!
!
!
!
crypto ipsec client ezvpn ezvpnwv
 connect auto
 group DefaultRAGroup key thakral123
 mode network-extension
 peer 94.56.216.118
 xauth userid mode interactive
!
!
!

nainasipraAsked:
Who is Participating?
 
Fallacy11Connect With a Mentor Commented:
Router -  http://www.cisco.com/en/US/products/ps9422/products_configuration_example09186a0080b4ae61.shtml

ASA-
http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080a9a7a3.shtml

Remember to click the generate mirror option in the router config gui and use that for help with configuring the ASA
0
 
PatrickG022200Commented:
Configure a "site to site" vpn connection instead of a "remote access" connection.
0
 
Fallacy11Commented:
You have to configure a Site-to-Site VPN which will automatically establish adjacency, so use the GUI you're using with then router an use the Site to Site VPN wizard, after doing that generate a mirrror and run the site-to-site wizard on the ASA entering the info you got from the mirror configuration, make sure all nat exemptions for the separate subnets on each side so it knows to keep the ip addressing on the tunnel, also allow traffic to traverse networks on the firewall rules and you should be good
0
 
nainasipraAuthor Commented:
Dear Experts

Thanks for this help i will try to configure as per your guidance. I will get back to you for the result. could you send me any site link for this detail configuration it will be very helpful for me.
thanks once again.
 

0
 
nainasipraAuthor Commented:
Dear Fallacy,

do i need Public IP address for both sites also because i have Public static IP address for Head Office(ASA 5510) but i don't have public IP for remote site(Router). Can i do site to site VPN with this mean i have public IPs for ASA but which ip i will use for remote site.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.