Cisco noob can't create a vpn

By jjcanaday

My company has several remote sites that currently use Remote Desktop to access shared files (!?!) and to run an inventory tracking program with a SQL back end on one of the servers. I thought switching over to VPN would be better and finally got the upgrade from a PIX 506e to an ASA 5510. I've been trying to set up a VPN for 3 weeks now and just can't get it working. For my test remote site, I can use either a Linksys RV042 or an RVL200. The RV042/RVL200 seem easy enough to set up but, starting with a clean ASA, could someone PLEASE give me the set of commands to run against the ASA to connect? Assume the following topology:

192.168.2.0 >> RV042 or RVL200 >> 12.23.34.45 >> Internet >> 56.67.78.89 >> ASA 5510 >> 10.0.0.0

I've tried the wizard, several configurations posted on several other sites, all to no avail. I can never get past Phase 1.

Clarifications

by eboo98

Hi,
Just had a look at your solution. I was wondering if you still have the whole configuration for the VPN setting. Thanks, Abraham

All Answers

Point to Point? or Host to Host or Host to Point?

by CG IT In reply to Cisco noob can't create a ...

Makes a difference on what type of VPN you're trying to use.

If you're doing Host to Point, what VPN client program?

I would call it "Site to Site"

by jjcanaday In reply to Point to Point? or Host t ...

I guess Point to Point.

I would like multiple people on the remote side to be able to open network shares at the same time. Also, they would have to connect to different servers here in the main office. I know some of this sounds kind of screwy but I'm starting out from where remote users were connecting into a server via Remote Desktop with Admin privileges! (Not my doing, it's what I inherited.) I have high hopes that there is a configuration that would allow the remote users to log on to their computers with domain logins rather than local computer accounts.

remote users using VPN

by CG IT In reply to I would call it "Site to ...

If you want remote users to be able to VPN into the main network, gain access to network resources, published shares in Active Directory, then RRAS is a way to go. You can configure PPTP or L2TP and IPSec for remote access clients.

A VPN client program can be configured for users to provide 2 factor authentication and access to network resources [shared resources].

Might want to look into Microsoft's ADAM. You can check out ADAM at Microsoft TechNet. Allows apps to run as a user account rather than Network Service Account. ADAM: Active Directory Application Mode.

Yes, Site to Site is the way to go

by career In reply to I would call it "Site to ...

Site to Site (or LAN to LAN) VPN is the way to go here.

Are you sure the Linksys Routers support IPSec VPN? Cisco should have some type of config example out there for this, considering they own Linksys.

That's what I thought...

by jjcanaday In reply to Yes, Site to Site is the ...

but if there is one, I can't find it.

BTW, I was on vacation when you posted this. I had forgotten about it until I received another post on this thread.

The Linksys router was easy - it was the ASA that was giving me fits. I eventually got about 80% there with another white paper from Proxicast. The tunnel formed (according to both sides) but computers couldn't see/ping each other. Cisco tech support finally got me up.

Did you get it working?

by dfindlay In reply to Cisco noob can't create a ...

Did you get this to work? I have a customer who wants to do the exact same thing.

Cisco Tech Support finally got it working...

by jjcanaday In reply to Did you get it working?

I was able to finally get it about 80% working using Proxicast's LAN-Cell to Cisco ASA VPN Example. (Google "technote LCTN0014".) I used the non-Wizard mode starting on page 19. At that point, the VPN would connect but computers couldn't see (or ping) each other.

Finally, Cisco got it working by setting up the proper ACL. I can't find the log of her session right now -- I'll try to post it on Monday.
