Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
agrayson
agrayson
Community Member
‎10-04-2006 12:17 PM
‎10-04-2006 12:17 PM

Create VPN connections for remote users

I have a PIX 525 6.3. I have not set up VPN connections before. I want to set up VPN connections for some remote users that are using Cisco VPN Client 4.8. I have tried to use the Cisco Guide but it is just so much to try and absorb at 1 time. I did use the VPN Wizard. For the VPN clients to connect and be able to access our private network ...I need to provide them with group name ...password...and the IP. Is this the Public IP I have assigned to my outside interface? I wish I could find a more user friendly guide to setting up VPN. I want to get SSL VPN working as well but I just need to get past the current VPN learning curve. I understand Easy VPN setup to a point becasue I enabled it but I did something wrong because inside users could no longer access the internet and a Cisco VPN web page appeared so I removed the Easy VPN setup. Here is my current config that I will test tonight

global (outside) 1 199.x.x.x

nat (outside) 0 access-list outside_nat0_inbound outside

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

sysopt connection permit-ipsec

crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map dymap 10 set transform-set myset

crypto dynamic-map dynmap 10 set transform-set myset

crypto dynamic-map dynmap 30 set transform-set myset

crypto dynamic-map inside_dyn_map 20 match address inside_cryptomap_dyn_20

crypto dynamic-map inside_dyn_map 20 set peer 199.x.x.x

crypto dynamic-map inside_dyn_map 20 set transform-set ESP-DES-MD5

crypto map mymap 65535 ipsec-isakmp dynamic dynmap

crypto map inside_map 65535 ipsec-isakmp dynamic inside_dyn_map

crypto map inside_map interface inside

isakmp enable outside

isakmp key ******** address 199.x.x.x netmask 255.255.255.255 no-xauth no-

nfig-mode

isakmp identity address

isakmp nat-traversal 20

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption des

isakmp policy 20 hash md5

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

vpngroup HRTVPN address-pool HRTVPNSS

vpngroup HRTVPN dns-server 192.168.17.32 192.168.17.60

vpngroup HRTVPN wins-server 192.168.17.60

vpngroup HRTVPN default-domain hrtransit.org

vpngroup HRTVPN idle-time 1800

vpngroup HRTVPN password ********

vpngroup VPNHRT1 address-pool VPNHRT1

vpngroup VPNHRT1 dns-server 192.168.17.32 192.168.17.60

vpngroup VPNHRT1 wins-server 192.168.17.60

vpngroup VPNHRT1 default-domain hrtransit.org

vpngroup VPNHRT1 idle-time 1800

vpngroup VPNHRT1 password ********

Thanks

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
213
Views
0
Helpful
0
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
75
36
75
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
25
2
25
All Blogs