We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 588 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


314 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,

Forum Replies

  1. sims says:

    Hi Rene,

    If i want to create another connection profile , do i need to create another policy in ipsec phase 1 (
    crypto ikev1 policy 10)

    Or is it one time configuration ,( Ipsec phase 1 and Phase 2 ) .
    How to remove the tunnel group and group policy from command line


  2. Rene,

    IPsec Tunnel always speak of New IP Header being applied to the original header when an example is given. Can you give a real world example that shows the newly created Ip addresses in the header and the original ip addresses? I am trying to see how packets are routed from the client with a remote vpn client installed.


  3. gurrav says:

    Hi Rene,

    I have private ip address in the outside interface connected the ISP, and DMZ interface have public IP for diferent service. then the question is:

    Can do I use a IP public address from my pool of DMZ for get up my VPN remote access?

    how do I make this ?

    best regards

  4. HI

    When the tunnel is brought up on the ASA does it create a logical tunnel interface and assign it an ip address from the vpn pool?

    what show commands could i use to see this interface on the asa ?


29 more replies! Ask a question or join the discussion by visiting our Community Forum