Remote Access VPN (Easy VPN) provides a secure tunnel over the
public network for off-site users. Easy VPN follows a client-server
model, which is why we perform most of the configuration on the
server end and use the Cisco VPN client software at the user end to
establish the connection.
Basic steps for Easy VPN Configuration:
1- First configure the ASA interface
2- Configure IP pool
3- Configure user accounts
4- Define the ISAKMP Policy.
   - Authentication
   - Hash
   - Encryption
   - Group
5- Establish IPsec transform set.
   - Esp-des
   - Esp-md5-hmac
   - Esp-aes
   - Esp-sha-hmac
6- Configure tunnel group
   - Group name
   - Group policies
7- Now apply crypto map on the outside interface.
   - Used to verify the outgoing interface traffic

Configuration of ASA
ASA(config)#interface GigabitEthernet 0/1
ASA(config-if)# no shutdown
ASA(config-if)# nameif outside
ASA(config-if)# ip address 20.1.1.50 255.0.0.0
ASA(config-if)#exit
ASA(config)# crypto isakmp enable outside
(To enable crypto isakmp on ASA)
ASA(config)# ip local pool poolname 30.1.1.1-30.1.1.50
(define an IP pool named poolname)
ASA(config)# route outside 0 0 20.0.0.0
ASA(config)# username Mark password Cisco
(define username and password)
Now define the IKE policies on the ASA
ASA(config)#crypto isakmp policy 10
(10 is isakmp policy number)
ASA(config-isakmp)#encryption des
(enable encryption des)
ASA(config-isakmp)#hash md5
(enable algorithm md5 for hashing)
ASA(config-isakmp)#authentication pre-share
(enable Pre-shared method)
ASA(config-isakmp)#group 2
(enable Diffie-Hellman group 2)
ASA(config-isakmp)#exit
(Exit from crypto isakmp mode)
ASA(config)#crypto ipsec transform-set ts2 esp-des esp-md5-hmac
(Here encryption type is des and hashing technique is md5-hmac)
ASA(config)# crypto dynamic-map dmap 10 set transform-set ts2
(apply the transform set)
ASA(config)#crypto map imap 10 ipsec-isakmp dynamic dmap
(call dynamic-map in crypto map name imap)
ASA(config)# tunnel-group marketing type ipsec-ra
(create a group for marketing department)
ASA(config)# tunnel-group marketing general-attributes
ASA(config-general)# address-pool poolname
ASA(config-general)# exit
ASA(config)# tunnel-group marketing ipsec-attributes
ASA(config-ipsec)# pre-shared-key Cisco
ASA(config-ipsec)# exit
ASA(config)# crypto map imap interface outside
(Apply crypto map on outside interface)
Now, to verify the secure tunnel, dial the connection from the user
end using the Cisco VPN client.
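
The configuration above selects DES, MD5 and Diffie-Hellman group 2, and uses the same string for the user password and the group pre-shared key, while the step list also names esp-aes and esp-sha-hmac. The Python check below is an added example, not part of the original configuration, that flags those settings in a list of ASA commands. Its rule set, the 16-character key minimum and SAMPLE_CONFIG (the page's commands as typed, prompts stripped) are assumptions of this example.

```python
import re

# Constructed sample: the VPN-relevant commands from the walkthrough above,
# as typed, with the CLI prompts stripped.
SAMPLE_CONFIG = """\
username Mark password Cisco
crypto isakmp policy 10
 encryption des
 hash md5
 authentication pre-share
 group 2
crypto ipsec transform-set ts2 esp-des esp-md5-hmac
tunnel-group marketing ipsec-attributes
 pre-shared-key Cisco
"""

# (pattern, finding) pairs. This rule set is the example's own policy
# assumption, not something the original configuration defines.
RULES = [
    (r"^encryption des$", "IKE encryption is DES (56-bit key)"),
    (r"^hash md5$", "IKE hash is MD5"),
    (r"^group [12]$", "IKE Diffie-Hellman group is 1 or 2 (768/1024-bit)"),
    (r"^crypto ipsec transform-set .*\besp-des\b", "ESP encryption is DES"),
    (r"^crypto ipsec transform-set .*\besp-md5-hmac\b", "ESP integrity is HMAC-MD5"),
]

def audit(config, min_psk_len=16):  # min_psk_len: hypothetical policy value
    """Return sorted (line_number, finding) pairs for weak VPN settings."""
    findings, passwords, psks = [], set(), []
    for no, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        findings += [(no, msg) for pat, msg in RULES if re.search(pat, line)]
        if m := re.match(r"username \S+ password (\S+)", line):
            passwords.add(m.group(1))
        if m := re.match(r"pre-shared-key (\S+)", line):
            psks.append((no, m.group(1)))
    # Key checks run last so a username defined after the key is still seen.
    for no, key in psks:
        if len(key) < min_psk_len:
            findings.append((no, f"pre-shared key under {min_psk_len} characters"))
        if key in passwords:
            findings.append((no, "pre-shared key equals a user password"))
    return sorted(findings)

if __name__ == "__main__":
    for no, finding in audit(SAMPLE_CONFIG):
        print(f"line {no}: {finding}")
```

A saved running configuration masks the pre-shared key and stores the user password in encrypted form, so the key checks apply to commands as typed, for example in a change script.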
