×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

How to add remote VPN Access with Site-to-Site Tunnel...

Unanswered Question
Jun 10th, 2006
User Badges:

Recently I implemented site to site VPN tunnel on my pix.. and its working fine.

i want to implement remote access VPN on existing pix.


when i try to implement remote access VPN on pix.. my existing site-to-site VPN tunnel got disconnected. than i restored back the site to site VPN config.


please help me .....i am strugling with this issue.

need syntax or any solution

kindly check the following attached config.

Thanks in advance....



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
eppiet Sat, 06/10/2006 - 14:00
User Badges:

It should work with both site-to-site tunnel as well as remote access VPN, as I do have these implemented.


You need to create a vpn IP address pool.

and decide on your authentication method:

crypto map example_map client authentication RADIUS


Define a crypto dynamic-map example2 20 set transform-set forest2


Create an additional crypto map for the dynamic connection, using a higher number, such as:

crypto map outside_map 65535 ipsec-isakmp dynamic example_2

Then create the VPN groups.


vpngroup abc address-pool vpnpool

vpngroup abc dns-server 192.168.68.x

vpngroup abc default-domain xxx.com

vpngroup abc split-tunnel Acl-101

vpngroup abc idle-time 1800

vpngroup abc password xxxxx


Sometimes, you may also need the following:


crypto map example_map client configuration address initiate

crypto map example_map client configuration address respond





Actions

This Discussion