I recently installed an ASA to replace an ailing PIX, and everything seems to be working well. Now we are looking at migrating remote VPN and eventually LAN-to-LAN traffic over to the ASA, due to the looming EOL on our VPN Concentrator.
I used the ASDM wizard to configure remote access VPN on the ASA, authenticating to Windows IAS. When attempting to connect with the Cisco VPN Client (version 4.0) I can see the authentication is successful on the IAS server, but the client says authentication failed. In reviewing my config from CLI, I noticed that I'm missing the line "sysopt connection permit-ipsec" I suspect this is causing my failed authentication, as the ASA is rejecting IPSEC traffic.
I attempted to add the line in CLI, and it doesn't give me any errors, but it still does not appear when I do a "show run"
The ASA is running version 7.0(6), and I was unable to find any reference to this in the release notes for any of the later versions.