cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
21900
Views
15
Helpful
9
Replies

Cisco VPN Client setup for Cisco ASA 5505

myersmathis
Level 1
Level 1

Our firm has finally made the switch from Sonicwall to Cisco for our SMB clients. I have our first customer up with a solid site-to-site VPN and have configured the main office router for Cisco VPN Client connections via the VPN wizard.

When I install the VPN Client on the desktops it does not allow inputting of all options required (less you have an SSL VPN). I am assuming there is a process I am missing for exporting a connection profile that the Cisco VPN Client users can import to make their connection.

Is there any step by step guides out there for creating the connection profile file to distribute to clients?

2 Accepted Solutions

Accepted Solutions

Hi,

The ASDM wizard is for the configuration on the ASA. That wizard will help you finish the VPN configuration on the ASA end.

You will have to define the same in the client, so that they can negotiate and connect.

Connection entry feild in the client is what you want it to be seen as on the VPN client - it can be any name

Host will be the outside ip address of the ASA.

Group options:

     name - tunnel group name same as defined on the ASA
     Password- preshared key as on ASA.

     Confirm password - same preshared key.

Once you finish this you will see the client having an entry same as connection entry. you need to click on connect over there. A prompt for username and password will come. please enter the login crendentials. VPN will connect.

You can distribute the .pcf file formed in the location mentioned in the above post. once the other client receive the .pcf, they need to import it by clicking on the tab present on  the VPN client.

Regards,

Anisha

View solution in original post

hehe.. ok..

the link below will help understanding the user guide in more detail:

http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/user/guide/vc1.html

Regards,

Anisha

P.S.: please mark this post resolved if you feel your query is answered.

View solution in original post

9 Replies 9

myersmathis
Level 1
Level 1

Is there a support number for resellers, or any other documentation out there on this? I really need to get some assistance on this today.

Client unhappy.

Hey Matthew,

When you say it does not allow you to enter all information on the client, what exactly is happening?

To import profiles to the VPN client, you need something called a .pcf file which contains all details pertaining to the connection entry. If you have one PC with the PVN client already setup, you can get the .pcf file from the install directory Profile folder and import to other client machines.

Hope that helps!!

Cheers,

Prapanch

Hi,

Do you mean a .pcf file where in the configuration of the Connection entry, description,host, group name and group password will be present?

You can confiigure the VPN client on single pc and then copy it from C:\Program files\Cisco Systems\VPN Client\Profiles.

You can distribute this .pcf file.

Regards,

Anisha

P.S.: please mark this thread as resolved if you think your query is answered.

Thanks for the reply. I figured that would be the case with the connection profile file.

When the client opens it asks for the following..

Group or Mutual Group Auth, under Group there are these options...

1.) name

2.) password

3.) confirm password

above this it asks for a host and connection entry, with description.

So when I ran the wizard in the 5505 ADSM it asked for username/password as well as pre-shared key. So I feel like I am missing something. I try entering the username/password and it connects/disconnects immediately.

Hi,

The ASDM wizard is for the configuration on the ASA. That wizard will help you finish the VPN configuration on the ASA end.

You will have to define the same in the client, so that they can negotiate and connect.

Connection entry feild in the client is what you want it to be seen as on the VPN client - it can be any name

Host will be the outside ip address of the ASA.

Group options:

     name - tunnel group name same as defined on the ASA
     Password- preshared key as on ASA.

     Confirm password - same preshared key.

Once you finish this you will see the client having an entry same as connection entry. you need to click on connect over there. A prompt for username and password will come. please enter the login crendentials. VPN will connect.

You can distribute the .pcf file formed in the location mentioned in the above post. once the other client receive the .pcf, they need to import it by clicking on the tab present on  the VPN client.

Regards,

Anisha

I am aware of the ADSM being for the CIsco unit. I am an old PIX user and have read through the manual.

You input though is very helpful. I did not know a second prompt would appear for the username/password, now all seems much more complete. I will give it a try.

hehe.. ok..

the link below will help understanding the user guide in more detail:

http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/user/guide/vc1.html

Regards,

Anisha

P.S.: please mark this post resolved if you feel your query is answered.

Now I have forgotten my preshared key. LOL. Is it safe to re-run the wizard or is there a place to reset the preshared key?

do you have access to the CLI of the ASA.

if yes, enter the command  more system:running-config | b tunnel-group. you will see the pre-shared key.

If not you can go to the ASDM >Configuration > Remote Access VPN > Network Client Access > IPSec Connection profile > Select the VPN connection Profile > Edit and change the pre-shared key.

Regards,

Anisha

P.S.: Please mark this thread resolved if you feel your query is answered

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: