02-22-2008 01:48 AM - edited 03-11-2019 05:06 AM
Hi,
I am having trouble configuring remote access vpn using ASDM [ASDM Version 5.2(2)] on ASA 5505 [ASA Version 7.2(2)]. I get the following error message. Please help!!!
ASDM received message(s) below when one or more of the commands below were sent to the ASA. [OK] means success, [ERROR] means failure, [INFO] means information, and [WARNING] means warning message received.
[OK] crypto isakmp enable outside
[OK] access-list inside_nat0_outbound line 1 extended permit ip 0.0.0.0 0.0.0.0 192.168.100.0 255.255.255.240
[OK] username Hiteishee password eAXNRI6VJlqT/0O6 encrypted privilege 0
[OK] username Hiteishee attributes
username Hiteishee attributes
[WARNING] vpn-group-policy cisco
group-policy <cisco> does not exist
[OK] ip local pool RemoteClientPool 192.168.100.1-192.168.100.10
[OK] group-policy cisco internal
[OK] group-policy cisco attributes
group-policy cisco attributes
[OK] vpn-tunnel-protocol IPSec
[OK] dns-server value 195.184.228.6 212.135.1.36
[OK] tunnel-group cisco type ipsec-ra
[OK] tunnel-group cisco general-attributes
tunnel-group cisco general-attributes
[OK] default-group-policy cisco
[OK] address-pool RemoteClientPool
[OK] tunnel-group cisco ipsec-attributes
tunnel-group cisco ipsec-attributes
[OK] pre-shared-key cisco
[OK] crypto isakmp policy 10 authen pre-share
[OK] crypto isakmp policy 10 encrypt 3des
[OK] crypto isakmp policy 10 hash sha
[OK] crypto isakmp policy 10 group 2
[OK] crypto isakmp policy 10 lifetime 86400
[OK] crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
[OK] crypto dynamic-map outside_dyn_map 20 set pfs group2
[OK] crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
[OK] crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
[OK] crypto map outside_map interface outside
[OK] nat (inside) 0 access-list inside_nat0_outbound tcp 0 0 udp 0
02-22-2008 03:17 AM
I would advise you to use the CLI for this.
Just check if you can configure the group policy on your user like so:
username Hiteishee attributes
vpn-group-policy cisco
That seems to be the only thing that failed from ASDM.
You can also check on ASDM which is the group-policy that was applied to this user and change it to "cisco".
HTH,
Paulo
03-07-2008 04:38 AM
I wiped out the config on the Firewall and re-configured the Firewall. I was still getting the same error message.
I simply ignored the error message and everything worked fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide