• Home
  • Cisco
  • Exchange
  • Linux
  • Navision
  • Network
  • Virtualization
  • Windows
  • About
    •  

    Site to site VPN – Monowall and ASA5500


    This is an example how to create an site to site VPN between monowall and ASA

    Monowall 1.33

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    ASA

    access-list outside_20_cryptomap extended permit ip 10.1.1.0 255.255.255.0 192.168.36.0 255.255.255.0
    access-list inside_nat0_outbound extended permit ip 10.1.1.0 255.255.255.0 192.168.36.0 255.255.255.0
    nat (inside) 0 access-list inside_nat0_outbound

    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000

    crypto map outside_map 20 match address outside_20_cryptomap
    crypto map outside_map 20 set pfs
    crypto map outside_map 20 set peer 234.234.234.234
    crypto map outside_map 20 set transform-set ESP-3DES-MD5
    crypto map outside_map 20 set security-association lifetime seconds 28800
    crypto map outside_map 20 set security-association lifetime kilobytes 4608000
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash md5
    group 2
    lifetime 86400

    tunnel-group 234.234.234.234 type ipsec-l2l
    tunnel-group 234.234.234.234 ipsec-attributes
    pre-shared-key securepass