
Problem in Configuring Dynamic VPN in the pix

udayashankarsg
Level 1

Hi All,

I am having a problem configuring a dynamic VPN on my PIX, which has version 7.2 of the IOS, but I am able to work with the same configuration on the PIX which has version 6.3. I just want a user from outside my network, using the VPN client, to access the resources inside my network. Below is my configuration. Is it OK, or do I need to do anything more? Please advise me.

ip local pool vpnpool1 192.168.170.1-192.168.170.254

crypto dynamic-map map2 20 set transform-set guatemala1

crypto map map1 20 ipsec-isakmp dynamic map2

crypto ipsec transform-set guatemala1 esp-aes-256 esp-sha-hmac

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption aes-256

isakmp policy 20 hash sha

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

vpngroup Guatemalavpn address-pool vpnpool1

vpngroup Guatemalavpn split-tunnel inside_nat0_outbound

vpngroup Guatemalavpn idle-time 36000

vpngroup Guatemalavpn password xxxxxxx

access-list outside_acl permit tcp 192.168.170.0 255.255.255.0 172.19.10.0 255.255.255.0

route outside 192.168.170.0 255.255.255.0 200.30.222.65

access-list inside_nat0_outbound extended permit ip any 192.168.170.0 255.255.255.0

access-list inside_nat0_outbound extended permit ip 172.19.10.0 255.255.255.0 192.168.170.0 255.255.255.0

access-list 102 permit ip 172.19.10.0 255.255.255.0 192.168.170.0 255.255.255.0

nat (inside) 0 access-list inside_nat0_outbound

2 Replies

udayashankarsg
Level 1

Anyone, please help me.

Try it and tell me if it works:

ip local pool vpnpool1 192.168.170.1-192.168.170.254

access-list inside_nat0_outbound extended permit ip 172.19.10.0 255.255.255.0 192.168.170.0 255.255.255.0

access-list acl-inside extended permit ip 172.19.10.0 255.255.255.0 192.168.170.0 255.255.255.0

access-group acl-inside in interface inside

nat (inside) 0 access-list inside_nat0_outbound

group-policy Guatemalavpn internal

group-policy Guatemalavpn attributes

wins-server value xx.xx.xx.xx

dns-server value xx.xx.xx.xx

default-domain value mydomain.com

crypto ipsec transform-set guatemala1 esp-aes-256 esp-sha-hmac

crypto dynamic-map map2 20 set transform-set guatemala1

crypto map map1 20 ipsec-isakmp dynamic map2

crypto map map1 interface outside

crypto isakmp identity address

crypto isakmp enable outside

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption aes-256

isakmp policy 20 hash sha

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

tunnel-group Guatemalavpn type ipsec-ra

tunnel-group Guatemalavpn general-attributes

address-pool vpnpool1

default-group-policy Guatemalavpn

tunnel-group Guatemalavpn ipsec-attributes

pre-shared-key *

route outside 192.168.170.0 255.255.255.0 200.30.222.65
