Cisco ASA 5505 Getting Started Manual page 98

Implementing the Site-to-Site Scenario
Specifying Hosts and Networks
Note
Step 1
Step 2
Cisco ASA 5505 Getting Started Guide
8-10
Identify hosts and networks at the local site that are permitted to use this IPSec
tunnel to communicate with hosts and networks on the other side of the tunnel.
Specify hosts and networks that are permitted access to the tunnel by clicking
Add or Delete. In the current scenario, traffic from Network A (10.10.10.0) is
encrypted by Security Appliance 1 and transmitted through the VPN tunnel.
In addition, identify hosts and networks at the remote site to be allowed to use this
IPSec tunnel to access local hosts and networks. Add or remove hosts and
networks dynamically by clicking Add or Delete respectively. In this scenario, for
Security Appliance 1, the remote network is Network B (10.20.20.0), so traffic
encrypted from this network is permitted through the tunnel.
In Step 5 of the VPN Wizard, perform the following steps:
In this context, protection provides encryption to preserve data integrity between
two hosts through a secure VPN tunnel. Information that is being sent from one
host to another as plain text, without encryption through an unsecured connection,
is considered unprotected data. Tampering may occur when you send unprotected
data through unsecured connections.
Enter the IP address of local networks to be protected or not protected, or click
the ellipsis (...) button to select from a list of hosts and networks.
Enter the IP address of remote networks to be protected or not protected, or click
the ellipsis (...) button to select from a list of hosts and networks.
If a remote peer has a dynamic IP address, you can use the hostname as
Note
the peer IP address.
Chapter 8 Scenario: Site-to-Site VPN Configuration
78-17612-02