1-10
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Remote Access IPsec VPNs
Configuring Remote Access IPsec VPNs
Configuring an Address Pool
The ASA requires a method for assigning IP addresses to users. This section uses address pools as an
example. Use the command syntax in the following examples as a guide.
Adding a User
This section shows how to configure usernames and passwords. Use the command syntax in the
following examples as a guide.
Creating an IKEv1 Transform Set or IKEv2 Proposal
This section shows how to configure a transform set (IKEv1) or proposal (IKEv2), which combines an
encryption method and an authentication method.
Perform the following task:
Command Purpose
ip local pool poolname
first-address—last-address [mask mask]
Example:
hostname(config)# ip local pool testpool
192.168.0.10-192.168.0.15
hostname(config)#
Creates an address pool with a range of IP addresses, from which the ASA
assigns addresses to the clients.
The address mask is optional. However, You must supply the mask value
when the IP addresses assigned to VPN clients belong to a non-standard
network and the data could be routed incorrectly if you use the default
mask. A typical example is when the IP local pool contains
10.10.10.0/255.255.255.0 addresses, since this is a Class A network by
default. This could cause routing issues when the VPN client needs to
access different subnets within the 10 network over different interfaces.
Command Purpose
username name {nopassword | password password
[mschap | encrypted | nt-encrypted]}
[privilege priv_level]
Example:
hostname(config)# username testuser password 12345678
hostname(config)#
Creates a user, password, and privilege level.
To Next Page
Loading...
Need help?
General
