interfaces einrichten

configure terminal
interface Vlan2
ip address 192.168.244.185 255.255.248.0 
 nameif if-outside
interface Vlan1                     
 nameif if-inside
ip address 10.20.170.1 255.255.255.0
route if-outside 0.0.0.0 0.0.0.0 192.168.240.100
domain-name xinux.org
dns domain-lookup if-outside
dns server-group DefaultDNS
name-server 192.168.240.200
end

auf cisco

configure terminal
crypto ikev1 policy 10
authentication pre-share
encryption aes-256
hash md5
group 5
lifetime 28800
crypto ikev1 enable if-outside

access-list acl-asa-soph extended permit ip 10.20.170.0 255.255.255.0 10.20.0.0 255.255.0.0
crypto isakmp identity address
crypto isakmp enable if-outside
crypto ipsec transform-set AES256-MD5 esp-aes-256 esp-md5-hmac
crypto map vpn-asa-soph 10 match address acl-asa-soph
crypto map  vpn-asa-soph 10 set pfs group5
crypto map vpn-asa-soph 10 set peer 192.168.244.130
crypto map  vpn-asa-soph 10 set ikev1 transform-set AES256-MD5
crypto map  vpn-asa-soph  interface if-outside
tunnel-group 192.168.244.130 type ipsec-l2l 
tunnel-group 192.168.244.130 ipsec-attributes 
pre-shared-key streng-geheim
end