Cisco Systems ISA550 Manual De Usuario
VPN
Configuring IPsec Remote Access
Cisco ISA500 Series Integrated Security Appliances Administration Guide
355
8
Configuring IPsec Remote Access
The IPsec Remote Access feature introduces server support for the Cisco VPN
Client (Release 4.x and 5.x) software clients and the Cisco VPN hardware clients.
This feature allows remote users to establish the VPN tunnels to securely access
the corporate network resources. Centrally managed IPsec policies are “pushed”
to remote VPN clients by the VPN server, minimizing configuration by end users.
Client (Release 4.x and 5.x) software clients and the Cisco VPN hardware clients.
This feature allows remote users to establish the VPN tunnels to securely access
the corporate network resources. Centrally managed IPsec policies are “pushed”
to remote VPN clients by the VPN server, minimizing configuration by end users.
Figure 5 IPsec Remote Access with the Cisco VPN Client Software or a Cisco
Device as a Cisco VPN Hardware Client
Device as a Cisco VPN Hardware Client
NOTE
When the security appliance is acting as an IPsec VPN server, the following IKE
policy and transform set are used by default. The IKE policy and transform set used
on the security appliance are unconfigurable.
policy and transform set are used by default. The IKE policy and transform set used
on the security appliance are unconfigurable.
283054
Inside
10.10.10.0
Outside
DNS Server
10.10.10.163
WINS Server
10.10.10.133
10.10.10.133
Internal
network
ISA500
as a Cisco IPSec
VPN Server
Cisco Device
as a Cisco VPN
hardware client
Personal Computer
running Cisco VPN
Client software
Personal Computer
running Cisco VPN
Client software
Internet
Field
Setting
IKE Policy
Encryption = ESP_AES_256
Hash = SHA
Authentication = Pre-shared Key
D-H Group = Group 2