ASA 8.3+ - IPSec Client VPN - EzVPN
Example
Script
same-security-traffic permit inter-interface same-security-traffic permit intra-interface access-list [[VPN Group Name]]_Split_Tunnel standard permit [[LAN Subnet]] ip local pool [[VPN Group Name]]_POOL [[VPN Client Start IP]]-[[VPN Client End IP]] mask [[VPN Client Subnet Mask]] crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto dynamic-map RA_VPN 65535 set ikev1 transform-set ESP-AES-128-SHA crypto map [[Crypto Map Name]] 65535 ipsec-isakmp dynamic RA_VPN crypto map [[Crypto Map Name]] interface [[VPN Interface]] crypto ikev1 enable [[VPN Interface]] crypto ikev1 policy 1 authentication pre-share encryption aes hash sha group 2 lifetime 86400 group-policy [[VPN Group Name]]_GP internal group-policy [[VPN Group Name]]_GP attributes wins-server value [[WINS Servers]] dns-server value [[DNS Servers]] vpn-tunnel-protocol IPSec split-tunnel-policy tunnelspecified split-tunnel-network-list value [[VPN Group Name]]_Split_Tunnel default-domain value [[Domain Name]] address-pools value [[VPN Group Name]]_POOL tunnel-group [[VPN Group Name]] type remote-access tunnel-group [[VPN Group Name]] general-attributes address-pool [[VPN Group Name]]_POOL default-group-policy [[VPN Group Name]]_GP tunnel-group [[VPN Group Name]] ipsec-attributes ikev1 pre-shared-key [[Group Pre-Shared Key]] object network LAN subnet [[LAN Subnet]] object network [[VPN Group Name]]_SUBNET subnet [[VPN Subnet]] nat (inside,any) source static LAN LAN destination static [[VPN Group Name]]_SUBNET [[VPN Group Name]]_SUBNET References



VPN Group Name:
LAN Subnet:
VPN Client Start IP:
VPN Client End IP:
VPN Client Subnet Mask:
Crypto Map Name:
VPN Interface:
WINS Servers:
DNS Servers:
Domain Name:
Group Pre-Shared Key:
VPN Subnet:


Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: