02-22-2008 01:48 AM - edited 03-11-2019 05:06 AM
Hi,
I am having trouble configuring remote access vpn using ASDM [ASDM Version 5.2(2)] on ASA 5505 [ASA Version 7.2(2)]. I get the following error message. Please help!!!
ASDM received message(s) below when one or more of the commands below were sent to the ASA. [OK] means success, [ERROR] means failure, [INFO] means information, and [WARNING] means warning message received.
[OK] crypto isakmp enable outside
[OK] access-list inside_nat0_outbound line 1 extended permit ip 0.0.0.0 0.0.0.0 192.168.100.0 255.255.255.240
[OK] username Hiteishee password eAXNRI6VJlqT/0O6 encrypted privilege 0
[OK] username Hiteishee attributes
username Hiteishee attributes
[WARNING] vpn-group-policy cisco
group-policy <cisco> does not exist
[OK] ip local pool RemoteClientPool 192.168.100.1-192.168.100.10
[OK] group-policy cisco internal
[OK] group-policy cisco attributes
group-policy cisco attributes
[OK] vpn-tunnel-protocol IPSec
[OK] dns-server value 195.184.228.6 212.135.1.36
[OK] tunnel-group cisco type ipsec-ra
[OK] tunnel-group cisco general-attributes
tunnel-group cisco general-attributes
[OK] default-group-policy cisco
[OK] address-pool RemoteClientPool
[OK] tunnel-group cisco ipsec-attributes
tunnel-group cisco ipsec-attributes
[OK] pre-shared-key cisco
[OK] crypto isakmp policy 10 authen pre-share
[OK] crypto isakmp policy 10 encrypt 3des
[OK] crypto isakmp policy 10 hash sha
[OK] crypto isakmp policy 10 group 2
[OK] crypto isakmp policy 10 lifetime 86400
[OK] crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
[OK] crypto dynamic-map outside_dyn_map 20 set pfs group2
[OK] crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
[OK] crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
[OK] crypto map outside_map interface outside
[OK] nat (inside) 0 access-list inside_nat0_outbound tcp 0 0 udp 0
02-22-2008 03:17 AM
I would advise you to use the CLI for this.
Just check if you can configure the group policy on your user like so:
username Hiteishee attributes
vpn-group-policy cisco
That seems to be the only thing that failed from ASDM.
You can also check on ASDM which is the group-policy that was applied to this user and change it to "cisco".
HTH,
Paulo
03-07-2008 04:38 AM
I wiped out the config on the Firewall and re-configured the Firewall. I was still getting the same error message.
I simply ignored the error message and everything worked fine.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: