I know I’m not the first to attempt writing a succinct guide to quickly setting up a virtual private network (VPN) using Cisco gear, but I’m hoping this guide will be a one stop shop (blog) on how it’s done with an ASA 5505 that also allows users to connect to the internet. The ASA does offer a wizard, but the wizard doesn’t actually cover everything you need to do and can sometimes be a bit confusing on what it’s asking for. There are basically four parts to this: setting up your SSL certificate, configuring the VPN, then setting up the proper NAT rules, and split-tunneling if you so desire. The SSL certificate allows your users to connect to the inside network through an encrypted tunnel. In my example I’m just going to use a self-signed certificate for testing, but you should really go to the third-party certificate authority to get an SSL certificate. The VPN configuration is fairly simple. I’ll describe what the wizard is looking for and go through the configuration steps. The last part allows your users to browse both the inside network and the internet. Here are the steps I followed to make it work for my environment. I’m working with an inside network, outside network and a DMZ using the ASDM and CLI.
To read more click here.