07-08-2014 03:13 AM - edited 03-11-2019 09:26 PM
Hi All,
we have a plan to migrate our VPN 3000 to ASA 5545x. I need to know the following points.
Thanks inadvance.
Regards,
Satya.M
07-08-2014 08:15 PM
Sorry but there's no quick and easy way.
Re your specific questions:
1 & 2. No.
3 & 4. Analyze functions of your VPN 3000 setup and make notes. Study and learn ASA VPN capabilities and how to implement them. Note new features available and make an informed decision about any you choose to use. Build VPN in your lab and confirm it works as desired. Transition to production use along with good communications to users about changes and how to understand them. How much really depends on how you are using the system and your users' comfort level with technology change.
5. No.
07-10-2014 09:18 PM
Thanks Marvins ...
I was going tru all this things, but to make thing faster and confident i have requested this.
Cisco has some tool's like beta tool etc...so looking for them, if they really help. I know nothings works as plug n play at core level.
Regards,
Satya.M
07-11-2014 12:33 AM
Hi Satya,
Please follow the below mentioned steps to make your things simpler and you can gain more confident in doing it.
1) 1st collect the VPN settings what you have deployed in VPN concentrator.... have that information handy with you, which should include the access information for the vpn users.
2) ASA has different VPN options to do with IPSec RA / Anyconnect / L2L etc. You can choose the VPN option which you are planning to migrate.
3) If you have the spare public IP... then you can build the parallel setup using a new public ip and have the VPN setup created and test it end to end... then you can either migrate to the IP of the VPN concentrator or a new IP itself.
in ASA Conf t# vpnsetup ipsec-remote-access steps
will give you config example of ipsec RA... also you can find information for site to site, ssl vpn, l2tp vpn as well.... this will give you the simple information about VPN.... you can add the setup based on your requirement.... like 3rd party authentication.... etc as per your requirement.
Regards
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide