
vpn-filter on PIXOS 7.0(2)

primero
Level 1

Hello everybody,

I have the following configuration for a Remote Access VPN on a PixOS 7.0(2):

crypto ipsec transform-set 3des esp-3des esp-sha-hmac
crypto dynamic-map TEST 10 set peer A.B.C.D
crypto dynamic-map TEST 10 set transform-set 3des
crypto map TEST_MAP 10 ipsec-isakmp dynamic TEST
tunnel-group TEST_GROUP type ipsec-ra
tunnel-group TEST_GROUP general-attributes
 default-group-policy TEST_POLICY
tunnel-group TEST_GROUP ipsec-attributes
 pre-shared-key *
group-policy TEST_POLICY internal
group-policy TEST_POLICY attributes
 vpn-idle-timeout 60
 nem enable
username TEST_USER password XXXXX encrypted
username TEST_USER attributes
 vpn-filter value ACL-TEST_USER
 password-storage enable

The client connecting is a Cisco VPN Client Hardware 3002.

The tunnel goes up and works fine except for the ACL-TEST_USER vpn-filter option.

This ACL contains some permits ... but I notice that all the traffic is permitted regardless of what is specified in the ACL.

I've found a bug:

CSCsc49873

Symptom:

The VPN-filter configured for remote VPN clients on a PIX firewall might not take effect when no xauth authentication is configured for that remote access VPN client.

And I think it could be my case, but I've not found *where* this option "xauth authentication" should be enabled in my configuration.

Any help will be appreciated. :)

Thanks

Francesco


atchu
Level 1

Do you have sysopt connection permit ipsec?

Try taking it off.
