I am working on configuring a new ASA 5505 (FW for our LAN and also for Remote VPN Clients) and a couple of Cisco 871 Routers for site-to-site VPNs for a couple of our remote offices.
I have the ASA on the network and working for the most part. I am now to the point of getting the VPN Client portion ready for testing. I have it able to connect to the box from a remote location, but naturally am drawing some blanks on setting up the security policies.
I have a single rule currently that allows traffic to the ASA from remote with UDP, ESP, AH and TCP predefined objects in a group. I can get connected but am not so sure what to do next to allow access to the internal networks.
Do I just create a rule that allows my remote object to the internal network/servers?
I am looking for resources to read online or in print that explain the different protocols to allow and creating rules.
I also need to do this for the site-to-site VPNs, so I am at a loss for the rules. Hope this makes sense...