Easy VPN Config problems

Answered Question

Hello,

I have Pix 515E PIX Version 6.2(2).I am trying to setup easy VPN server on it. This pix did not recognised the following comand line.

1.

crypto dynamic-map outside_dyn_map 70 set reverse-route

2.

crypto isakmp nat-traversal 70

or isakmp nat-traversal 70

3. Tunnel-group

are there any command line that I can use inplace of these.I have also attached my config so I would be very grateful if someone could check and advice me what needs to done to bring this connection up.

Thanks

Attachment: 
I have this problem too.
0 votes
Correct Answer by Farrukh Haroon about 8 years 4 months ago

Have a look at this:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080241a0d.shtml

Yes nat-t is available on 6.3.x and above and not it is not enabled by default on the PIX/ASA. On the IOS it is.

Please rate if helpful, Regards

Farrukh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
Loading.
Daniel Voicu Thu, 07/31/2008 - 03:45

Hi,

Tunnel-group is not required in 6.x as you use the command vpngroup.

NAT is detected automatically, so you don't need any special configuration for it.However, you should have the ability to enter the command "isakmp nat-traversal 20". This is only to specify the timeout (default 20). NAT-T is always enabled by default.

You can configure the use of NAT transparency on the VPN client.

Please rate if this helped.

Regards,

Daniel

Actions

This Discussion