Clients will be assigned private network addresses from a pool of 10.2.20.1-10.2.20.126. Object-group network group-inside-vpnclientĭescription All inside accessible networksĪccess-list acl-vpnclient extended permit ip object-group group-inside-vpnclient any This is expressed with the source matching the local private network(s) and the destination matching any as the VPN client address will be assigned by the gateway. The default gateway is configured as 1.1.1.3 via the outside interface.Īn access lists must be configured to define the IPSec policies. The inside interface has a static private IP address that faces the internal private network. The outside interface has a static public IP address of 1.1.1.20 which faces the internet. For more information, please consult your Cisco product documentation. This example assumes you have knowledge of the Cisco ASA gateway command line configuration interface. The client uses the pull configuration method to acquire the following parameters automatically from the gateway. The configuration example described below will allow an IPsec VPN client to communicate with a single remote private network. The Shrew Soft VPN Client has been tested with Cisco products to ensure interoperability. If you have a PIX device running firmware version 6.x, please consult the HowtoCiscoPix. This guide provides information that can be used to configure a Cisco PIX/ASA device running firmware version 7.x to support IPsec VPN client connectivity.