Pretty much believe everyone is doing great and wonderful too? I must say that i have gained alot of experience from the group and it is only natural to bless the group back with same thing. I want to believe that someone at some point might have done this....but however i would still go ahead and do what i need to do.
I have been on a project on configuring both remote and site-to-site vpn's with ASA. I must confess it's been fun for me. Quite some hand full lessons to learn. With routers it's easier having to do the commands as you know CLI seems the best way....troubleshooting via it for me is easier! That's my personal take on things though. On the ASA, i have always had this believe it's not possible to do it via CLI. But then was i totally totally wrong with that perception. So for those of us that are not GUI config at heart.....here are the template(s) i used that worked for me so good that i didn't have to use the ASDM while configuring the vpn's.
username santa password US-man2011 username santa attributes
So there you have it guys! Make adjustments where needed for you. Bless the hearts of everyone here that has been of a blessing to me. This is just my little contribution to the group
Thanks for asking, i should have done that though while doing the original post. Ok here it is below
For the S2S Vpn's
I did them on 5510 with Software 8.2 on them. For some specific reason my boss say we are not upgrading to the 8.3 or for....but my take about his fears is NATTING. It's a little be different on software version 8.3 but all the same though!
For the Remote Vpn's
It was on the 5505 with same software version....but i have to be honest i just got my own 5505 upgraded to version 8.4, so i would slam it up on it and give it a try there. Most def would be willing to share my experience with the experience.
But generally i believe the whole config should be suitable for all platforms of ASA with version 8.2 or later. May be one or two tweaks here and there that would personally make an impact to your network.
In summary i guess those configs up in here are good to go for those who love CLI vpn config style! Like i chose to call us CLI CONFIG AT HEART!
I guess that would be all for now....but i am open to more questions and hope to answer them to the best of my abilities!
reply to Teddzy Someday when I can afford two ASA 5505s I will play with this. The CLI on a PIX is Chinese to me as well, but I have to start somewhere.
