
VPN Help!!!

woodjl1650
Level 1

I have a Cisco ASA 5505 connected to a Cisco 3600 router that does the routing for my home lab network. I am wanting to set up a VPN so I can access my network while I am at a remote location. Attached is my network layout to show how I have things set up right now. Any assistance would be awesome, thanks.

Home_Network.jpg


Kimberly Adams
Level 3

Jonathan,

What kind of VPN would you like to set up?  Are you looking at a remote access VPN or another kind?

Thanks,

Kimberly

Thanks and Cheers! Kimberly Please remember to rate helpful posts.

Just a simple VPN so I can access my home network, not sure what options I have available.

adhar
Level 1

Ok, followed the steps in the link provided....no luck. Well, at least I don't think... I don't know if I can test the VPN connection within the same home network or not. Just to test an idea I had, I tried to ping my ASA via the outside IP address and I did not get a reply. Any idea on how I can test my VPN connection? Anyone willing to test it if I provide a temp user name and password?

Thanks.

Jonathan,

Typically you cannot test this from the same network that you are trying to connect to with the VPN. Windows Firewall will also mess with the connection. One of the easiest ways to test this connection is from a WiFi hot spot or something similar.

If you don't have any other way to test this, please let me know and I could assist you with this.

Thanks,

Kimberly


I figured I couldn't....yes, if you have any idea on how I can test my connection, I would greatly appreciate it.

Did you configure an IPSec VPN or an AnyConnect/SSL VPN?

Please let me know the group name and password and a username and password.

Thanks and Cheers! Kimberly Please remember to rate helpful posts.

IPSec VPN

Host IP: 174.56.139.62

Tunnel Group Name: vpnhome

User Name: homevpn

Password: henry999

Pre-share Key: vpntest

Pool Name: VPNHome

Jonathan,

I was able to successfully log into your network from here.  I have attached a copy of the statistics for my connection.

Thanks,

Kimberly


Thanks, one last question. With the way I have my network set up, I don't use the ASA as the DHCP server or router, I have my 3600 for that...since I can connect to the ASA, does that mean I can access my entire network via the ASA and VPN? My main goal is to be able to access my server where all my files are located, I use Win 2008 Server with Active Directory....

Thanks,

Jonathan

Just make sure that you have a route on the Cisco 3600 for the VPN pool subnet. Also set up a reverse route on the ASA for that pool, make sure there is a NAT exempt for the VPN pool subnet, and set the MTU on the Windows server to something around 1280 so that you don't face MTU issues when packets get encrypted with IPsec & ISAKMP.

Thanks

Manish
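
The four steps in the reply above as a configuration sketch, added here as an example and not taken from the thread or from the poster's devices. It assumes the VPN pool is 10.10.10.0/24 (a placeholder, since the thread never gives the pool's subnet), that 192.168.2.1 is the ASA's inside interface, that the ASA runs pre-8.3 NAT syntax with an interface named inside, and it uses the hypothetical names NONAT and DYN-MAP.

```cisco
! === Cisco 3600 (IOS 12.4): route for the VPN pool subnet ===
! 10.10.10.0/24 is a placeholder for the real pool subnet.
! 192.168.2.1 is the router's existing default next hop, assumed here
! to be the ASA's inside interface.
ip route 10.10.10.0 255.255.255.0 192.168.2.1
!
! Check on the router that the pool resolves to the ASA:
!   show ip route 10.10.10.0
!
! === ASA 5505 (pre-8.3 NAT syntax assumed) ===
! NAT exemption: traffic between the home LAN and the VPN pool must not
! be translated, otherwise return packets never match the tunnel.
! NONAT is a hypothetical ACL name; "inside" is an assumed interface name.
access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.0
nat (inside) 0 access-list NONAT
!
! Reverse route injection: the ASA installs a route for each connected
! client address. DYN-MAP and sequence 10 are placeholders; use the name
! and sequence of the dynamic map already used for remote-access clients.
crypto dynamic-map DYN-MAP 10 set reverse-route
!
! Check on the ASA while a client is connected:
!   show route
!   show crypto ipsec sa
!
! === Windows 2008 server: lower the MTU to about 1280 ===
! Run in an elevated command prompt; the interface name is an assumption.
!   netsh interface ipv4 set subinterface "Local Area Connection" mtu=1280 store=persistent
```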

Alright, not too sure exactly how to do that.  Below is a current config of my router:

Current configuration : 1588 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$.7Q9$mJ4Y0sVUoAw8QZ/33g1JD/
enable password henry999
!
no aaa new-model
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.7
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.11 192.168.1.19
ip dhcp excluded-address 192.168.1.1 192.168.1.19
!
ip dhcp pool 192.168.1.0/24
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 8.8.8.8 8.8.4.4
!
!
!
username woodjl privilege 15 secret 5 $1$w.xT$cFJweRcOx29N9hKafqu4h1
username wooldjl privilege 15 secret 5 $1$4o6/$IO13XCGj9XXjIAGTsN3Yj0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
router rip
version 2
passive-interface FastEthernet0/0
passive-interface FastEthernet0/1
network 192.168.1.0
no auto-summary
!
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
ip nat pool Home 192.168.1.1 192.168.1.24 netmask 255.255.255.0
!
snmp-server community 192.168.1.1 RO
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
password henry
login local
transport input telnet
!
!
end

Manish said to set up the routes and that will work, but if you would like to use your Active Directory server to authenticate against, then you will need to configure AAA services on the ASA. This will allow you access to everything on your LAN and leverage your server for authentication. The IPSec VPN will allow you to look like a workstation on your local network.

Thanks and I hope this answers your question.  You are welcome for the assistance, this is what this community is for.

Kimberly


vickyleach1
Level 1

My mistake, yes, Kimberly is completely correct.