7-3
Cisco ASA 5550 Getting Started Guide
78-17644-01
Chapter 7      Scenario: Remote-Access VPN Configuration
  Implementing the IPsec Remote-Access VPN Scenario
• Specifying the VPN Tunnel Group Name and Authentication Method, 
page 7-7
• Specifying a User Authentication Method, page 7-8
• (Optional) Configuring User Accounts, page 7-10
• Configuring Address Pools, page 7-11
• Configuring Client Attributes, page 7-12
• Configuring the IKE Policy, page 7-13
• Configuring IPsec Encryption and Authentication Parameters, page 7-15
• Specifying Address Translation Exception and Split Tunneling, page 7-16
• Verifying the Remote-Access VPN Configuration, page 7-17
Information to Have Available
Before you begin configuring the adaptive security appliance to accept remote 
access IPsec VPN connections, make sure that you have the following information 
available: 
• Range of IP addresses to be used in an IP pool. These addresses are assigned 
to remote VPN clients as they are successfully connected. 
• List of users to be used in creating a local authentication database, unless you 
are using a AAA server for authentication. 
• Networking information to be used by remote clients when connecting to the 
VPN, including:
–
IP addresses for the primary and secondary DNS servers
–
IP addresses for the primary and secondary WINS servers
–
Default domain name
–
List of IP addresses for local hosts, groups, and networks that should be 
made accessible to authenticated remote clients