Allow VPN via ASA 5500 Firewall

Allow IPsec VPN through Cisco ASA 5500

Scenario:

A user needs to make an outbound VPN connection from behind the ASA 5500 firewall.

Requirements:

ASA2: The remote VPN device requires NAT-T (NAT Traversal) to be enabled.

Enable:

ASA1:

IKE – UDP – Port 500

IPsec – UDP – Port 4500

Inspection of IPsec pass-through

Configuration steps:

ASA1:

access-list inside extended permit udp host 192.168.0.10 any eq 500

access-list inside extended permit udp host 192.168.0.10 any eq 4500

policy-map global_policy

class inspection_default

inspect ipsec-pass-thru
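
An added example, not part of the original page: a Python check that reads a saved running-config and confirms the three items enabled on ASA1 above. The sample config is constructed, the function names are hypothetical, and the parser assumes the ASA's usual output conventions (one space of indentation per sub-mode, UDP port 500 printed as `isakmp`).

```python
import re

# Constructed sample running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
access-list inside extended permit udp host 192.168.0.10 any eq isakmp
access-list inside extended permit udp host 192.168.0.10 any eq 4500
policy-map global_policy
 class inspection_default
  inspect ipsec-pass-thru
"""

PORT_NAMES = {"isakmp": "500"}  # the ASA prints UDP port 500 as "isakmp"
ACE_RE = re.compile(r"^access-list\s+(\S+)\s+extended\s+permit\s+udp"
                    r"\s+host\s+(\S+)\s+any\s+eq\s+(\S+)$")

def permitted_udp_ports(config, acl, host):
    """UDP destination ports the named ACL permits from host to any."""
    ports = set()
    for line in config.splitlines():
        m = ACE_RE.match(line.strip())
        if m and m.group(1) == acl and m.group(2) == host:
            token = PORT_NAMES.get(m.group(3), m.group(3))
            if token.isdigit():
                ports.add(int(token))
    return ports

def has_inspection(config, policy, klass, engine):
    """True if 'inspect <engine>' sits under the given policy-map and class."""
    cur_policy = cur_class = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # a top-level command closes any open block
            cur_policy = line.split()[1] if line.startswith("policy-map ") else None
            cur_class = None
        elif cur_policy and line.startswith("class "):
            cur_class = line.split()[1]
        elif (cur_policy, cur_class) == (policy, klass) and line.split()[:2] == ["inspect", engine]:
            return True
    return False

def audit(config, acl="inside", host="192.168.0.10"):
    """Check the three items this page enables on ASA1."""
    ports = permitted_udp_ports(config, acl, host)
    return {
        "ike_udp_500": 500 in ports,
        "natt_udp_4500": 4500 in ports,
        "ipsec_pass_thru": has_inspection(
            config, "global_policy", "inspection_default", "ipsec-pass-thru"),
    }
```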