Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1241
Views
0
Helpful
2
Replies

Remote Access VPN Configuration error in ASDM

a.ajiboye
Level 1
Level 1

‎02-22-2008 01:48 AM - edited ‎03-11-2019 05:06 AM

Hi,

I am having trouble configuring remote access vpn using ASDM [ASDM Version 5.2(2)] on ASA 5505 [ASA Version 7.2(2)]. I get the following error message. Please help!!!

ASDM received message(s) below when one or more of the commands below were sent to the ASA. [OK] means success, [ERROR] means failure, [INFO] means information, and [WARNING] means warning message received.

[OK] crypto isakmp enable outside

[OK] access-list inside_nat0_outbound line 1 extended permit ip 0.0.0.0 0.0.0.0 192.168.100.0 255.255.255.240

[OK] username Hiteishee password eAXNRI6VJlqT/0O6 encrypted privilege 0

[OK] username Hiteishee attributes

username Hiteishee attributes

[WARNING] vpn-group-policy cisco

group-policy <cisco> does not exist

[OK] ip local pool RemoteClientPool 192.168.100.1-192.168.100.10

[OK] group-policy cisco internal

[OK] group-policy cisco attributes

group-policy cisco attributes

[OK] vpn-tunnel-protocol IPSec

[OK] dns-server value 195.184.228.6 212.135.1.36

[OK] tunnel-group cisco type ipsec-ra

[OK] tunnel-group cisco general-attributes

tunnel-group cisco general-attributes

[OK] default-group-policy cisco

[OK] address-pool RemoteClientPool

[OK] tunnel-group cisco ipsec-attributes

tunnel-group cisco ipsec-attributes

[OK] pre-shared-key cisco

[OK] crypto isakmp policy 10 authen pre-share

[OK] crypto isakmp policy 10 encrypt 3des

[OK] crypto isakmp policy 10 hash sha

[OK] crypto isakmp policy 10 group 2

[OK] crypto isakmp policy 10 lifetime 86400

[OK] crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

[OK] crypto dynamic-map outside_dyn_map 20 set pfs group2

[OK] crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA

[OK] crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map

[OK] crypto map outside_map interface outside

[OK] nat (inside) 0 access-list inside_nat0_outbound tcp 0 0 udp 0

Labels:
0 Helpful
2 Replies 2

pjhenriqs
Level 1
Level 1

‎02-22-2008 03:17 AM

I would advise you to use the CLI for this.

Just check if you can configure the group policy on your user like so:

username Hiteishee attributes

vpn-group-policy cisco

That seems to be the only thing that failed from ASDM.

You can also check on ASDM which is the group-policy that was applied to this user and change it to "cisco".

HTH,

Paulo

0 Helpful

a.ajiboye
Level 1
Level 1
In response to pjhenriqs

‎03-07-2008 04:38 AM

I wiped out the config on the Firewall and re-configured the Firewall. I was still getting the same error message.

I simply ignored the error message and everything worked fine.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card