Ive recently purchased a 2921 and im using it at a site about 100 miles from my location. It replaced an old 5505 that had gone bad. On the ASA I had an IPSEC site to site set up as well as an IPSEC remote access profile that allowed my various devices to connect (OSX, iPhones, Androids, etc) natively. This was all done through NAT. When I got the new 2921 installed, I was able to get the site to site going no problem on the outside interface, but I am not able to join an IPSEC connection onto that interface. I am sure that the verbage has just gotten me confused here. Heres my config for the s2s: crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key xxxx address x.x.x.x crypto ipsec transform-set myset esp-3des esp-md5-hmac mode tunnel crypto map site2site 1 ipsec-isakmp set peer x.x.x.x set transform-set myset set pfs group1 match address myacl ive then applied the crypto map to the gi0/1 interface (outside) created the ACL for the tunneled traffic then ive made some NAT statments to get the traffic through. What would I add additionally to get a IPSEC VPN set up for my other devices to be able to get into this network? thanks in advance!
... View more