Client Mode: Works exactly like the VPN client software, and leases an IP address from a pool of IP addresses supplied by the ASA, (or a DHCP server).There are two methods of doing this, Client Mode and Network Extension Mode (NEM).
This enables the hardware device to bring up a software client VPN session. The one we used to use the OLD IPSEC VPN client for, (yes the one that went end of life – in 2011!)īut instead of using a piece of software to supply the username/password and the group/pre-shared-key, you configure a hardware device to supply those details. So How does EZVPN Work? Well there’s no separate/special technology, it’s a good old fashioned Client IPSEC VPN. In the example below my corporate LAN is behind a Cisco ASA 5515-X, and my ‘Home Office’ is behind a Cisco ASA 5506-X, (you can use a 5508-X as well, or an old 5505). So it’s time to ‘Man Up’ and get to grips with the CLI. Obviously he did not have a static IP at home, which was why I suggested EZVPN. Last week a client was asking me about buying a 5505 for his home, and putting a VPN into his place of work. If you do that now, you need to go in and mess about with things to get it to work properly. So why am I here again? Well back then I used the ASDM. I’ve called this EZVPN revisited, because this is a technology I’ve talked about before. EZVPN is a technology that lets you form an ISAKMP/IPSEC VPN tunnel from a site with a dynamically assigned IP (EZVPN Client,) back to a device with a static IP (EZVPN Server).