ASA Version 7. TIA Below is the config for the ASA 5505 which works fine for the direct plugged in users. However, Easy VPN does not allow you to view and connect to computers on the inside interface like a site to site VPN would allow (which I've also tried setting up, but when the two sites get connected, no data flows through as a result of the comcast router). The Users directly plugged in are getting them from the ASA 5505. We would like to be able to access a computer through RDP (tcp port 3389) behind that Cisco (192.168.16.8) from the central office. When the easy vpn connection connects to our main office, it gets an IP address from the DHCP server there. The Cisco inside interface is 192.168.16.1. Use the user-authentication-idle-timeout command to set or remove the idle timeout period after which the Easy VPN Server terminates the client’s access. The inside interface of the Cisco hands out 192.168.16.x addresses via DHCP. Caution Do not configure IUA on a Cisco ASA 5505 configured as an Easy VPN server if a NAT device is operating between the server and the Easy VPN hardware client. That said, DPD on the ASA is sent only when no active traffic is detected. The bottom message is the oldest, and the top message is the newest. For what its worth, your log messages are backwards. For detailed information about the Cisco VPN Client, refer to the Cisco VPN Client Data Sheet. The operation of DPD is described in more detail in RFC 3706.
ASA 5505 DPD EASYVPN SERIES
When this was first set up, we forwarded port 443 from the Comcast router to the Cisco so we could access the ASDM remotely. Cisco Easy VPN Remote is now available on Cisco 800, 1700, 1800, 2800, 3800, and UBR900 Series Routers, Cisco ASA 5505 Adaptive Security Appliances, as well as Cisco PIX 501 and 506E Security Appliances and the Cisco VPN Client. This means that the cisco gets an outside interface of whatever DHCP is handing out from the Comcast router (which happens to be 192.168.1.69). The firewall at our main office is also an ASA 5505.Ī couple of items to note about this user: The user is behind a comcast modem/router with the ASA 5505 behind it. We have a remote user that is set up with Easy VPN on a Cisco ASA 5505 so that they are VPN'd into our main company router (this eliminates the need to use the cisco VPN client every time they want to get e-mail, etc.).
0 kommentar(er)
