We have a Cisco 800 in a remote site which we wanted to use for a site-to-site VPN. I thought this would be simple as I have set up IPsec and SSL VPNs before on ASAs without any issues. This has gone so wrong that I think it's best just to start again. The scenario is this:
We have a remote Cisco 800 which has a LAN network of 172.20.224.0/20. Right now all the 800 is doing is DSL authentication and letting all traffic out. The server network sits behind an ASA 5505 and has an IP of 192.168.168.0/24. What I was hoping to get was a VPN tunnel that would stay up permanently, routing traffic to the server LAN. What I would like is a simple config to put on the 800 and 5505 just to get it working. I am sure it's easy but I have just been looking at it too long. Any help would be much appreciated.
It is certainly quite doable but can be a bit tricky if you haven't done it before.
I suggest using Cisco Configuration Professional (CCP - free tool) on the router end and the ASDM VPN Wizard on the ASA end. Those respective GUIs will step you through the setup to get things running.
Thanks for the reply. I was actually using these tools to try and configure it before without any success. I have run through the wizards again. How can I make this a constant VPN session and not one that is initiated through traffic?
IPsec VPNs always have the requirement for "interesting traffic" to bring up (and, at the time of tunnel expiration, renew) a VPN.
If you want to keep it up in the absence of end user traffic you can potentially set up a script using IP SLA to send a ping every n seconds.
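
The IP SLA keepalive suggested in the last reply, sketched for the 800 as an added example that is not part of the original thread. The probe number `10`, the target `192.168.168.10` (a constructed address inside the server LAN), the source interface `Vlan1` (assumed to hold the router's 172.20.224.0/20 address) and the 30-second interval are all assumptions; the syntax is the `ip sla` form of newer IOS releases (older releases use `ip sla monitor` with `type echo protocol ipIcmpEcho`).

```cisco
! Added example: keep the site-to-site tunnel up with a periodic ping.
! The probe must be "interesting traffic", so it has to match the crypto ACL:
! source inside 172.20.224.0/20, destination inside 192.168.168.0/24.
!
ip sla 10
 ! 192.168.168.10 is a constructed address on the server LAN.
 ! Sourcing from the LAN interface (assumed Vlan1) makes the packet match
 ! the crypto ACL; a ping sourced from the DSL/WAN address would leave
 ! unencrypted and would not bring the tunnel up.
 icmp-echo 192.168.168.10 source-interface Vlan1
 ! Probe every 30 seconds (the "n" in the reply above).
 frequency 30
!
! Run the probe permanently, starting immediately.
ip sla schedule 10 life forever start-time now
!
! Verification from exec mode:
!   show ip sla statistics 10     (probe success and failure counts)
!   show crypto isakmp sa         (phase 1 state)
!   show crypto ipsec sa          (encaps/decaps counters should increase)
```

The probe only has to match the crypto ACL to trigger negotiation, but for it to report success the target must answer and the ASA side must allow the echo and its reply across the tunnel.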