VPN in to ASA 5505

[North323]

i need to be able to vpn into an ASA 5505, here are the steps i am going to take. so this is a two part question,
1) are steps correct
2) what access-list do i need to allow remote connections

isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash sha
isakmp policy 1 group 2
isakmp policy 1 lifetime 43200
isakmp enable Internet
ip local pool yopool 172.16.1.1-172.16.1.5
username testuser password 12345678
tunnel-group ritagroup type ipsec-ra
tunnel-group ritagroup general-attributes
address-pool yopool
tunnel-group ritagroup ipsec-attributes
pre-shared-key testing123
crypto dynamic-map dyn1 1 set transform-set TRANSET
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface Internet
write memory

 

[GM2005]

That will allow client connections to the ASA only, with no access-lists required.

 

[unclerico]

you will need to establish an ACL for NAT Bypass to allow return traffic to your RA clients

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)