Presently a Windows 2003 R2 RRAS is used for providing VPN connections. I have a single location (HQ) that uses 10.0.0.x/24. Then they just need to use whatever username and password you create for them for domain access in the office, assuming you have that already. I would prefer to make a web page for internal access only or whatever with a download for the client, and a good graphical walkthrough for setup. It will not save the password for the user so that isn't that much of a leg up really. Make it a serious violation to share the username and password with anyone.Įmailing out the profile is fine if you want to do that (it will contain an encrypted version of your private key if we are talking an IPSec vpn here). Make sure each person has their own account. In theory, you would use the same username and password system you use for access control in the office, Windows AD etc.
Use RADIUS or TACACS+ or something for AAA for authenticating vpn users. Make sure you find a guide that sort of matches the software version you are using, 6.3 will be a bit different than 7-8 and 8.3 will be pretty massively different than anything else.
Go here and scroll down to the vpn remote access section. It's on its own dedicated circuit as well so I can test prior to making any production changes.īeing I have zero experience setting up VPN access how do I approach it? Where do I start? How do I build the VPN? I see in the ASDM the "wizard", but I don't want to learn that way - I want to do it all from the CLI. I have our ASA-5510 up and online (I'm the only one using it as I haven't put it into "production"). What do you do? What would you recommend? Yeah I can have each person contact me and get the client software and set them up a username and password to VPN access. It would also help deploy the client faster as I'll be able to just email out (or post to our internal file server) the configuration file for the VPN client. I'm not sure if it makes most sense to have a single username and password shared by all remote access VPN clients since to access network resources requires authenticating with Active Directory. I have already downloaded the latest version of the Cisco VPN client 5.x (32 and 64 bit versions!).
I'm learning lots about the CLI and how much I don't like ASDM! I'd like to setup a client access VPN on our Cisco ASA-5510.
0 kommentar(er)
