01-01-2019 11:19 AM
Dear all,
i have cisco router 887 will be connected site to site with cisco asa 5510. Cisco router act as a client and asa as a server.
If i connect to the router using cisco vpn client, can i reach to the subnets behindthe ASA? using site to site vpn between cisco router and ASA?? is that possible? If yes, how and which site to site vpn to use between the router and the asa, easy or dynmic vpn taking into consideration the below is configured in the cisco router.
Note: i have to use ctcp port 10000 as there is adsl nat to the router, without it- vpnclient doesn't work.
!
crypto ctcp port 10000
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group cisco
key ****
pool mypool
acl 101
save-password
!
crypto isakmp profile ciscocp-ike-profile-1
match identity group cisco
client authentication list ciscocp_vpn_xauth_ml_2
isakmp authorization list ciscocp_vpn_group_ml_2
client configuration address respond
virtual-template 1
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-md5-hmac
mode tunnel
!
crypto ipsec profile CiscoCP_Profile2
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
!
interface Virtual-Template1 type tunnel
ip unnumbered Vlan10
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile2
!
regards,