Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Create VPN connections for remote users

I have a PIX 525 6.3. I have not set up VPN connections before. I want to set up VPN connections for some remote users that are using Cisco VPN Client 4.8. I have tried to use the Cisco Guide but it is just so much to try and absorb at 1 time. I did use the VPN Wizard. For the VPN clients to connect and be able to access our private network ...I need to provide them with group name ...password...and the IP. Is this the Public IP I have assigned to my outside interface? I wish I could find a more user friendly guide to setting up VPN. I want to get SSL VPN working as well but I just need to get past the current VPN learning curve. I understand Easy VPN setup to a point becasue I enabled it but I did something wrong because inside users could no longer access the internet and a Cisco VPN web page appeared so I removed the Easy VPN setup. Here is my current config that I will test tonight

global (outside) 1 199.x.x.x

nat (outside) 0 access-list outside_nat0_inbound outside

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

sysopt connection permit-ipsec

crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map dymap 10 set transform-set myset

crypto dynamic-map dynmap 10 set transform-set myset

crypto dynamic-map dynmap 30 set transform-set myset

crypto dynamic-map inside_dyn_map 20 match address inside_cryptomap_dyn_20

crypto dynamic-map inside_dyn_map 20 set peer 199.x.x.x

crypto dynamic-map inside_dyn_map 20 set transform-set ESP-DES-MD5

crypto map mymap 65535 ipsec-isakmp dynamic dynmap

crypto map inside_map 65535 ipsec-isakmp dynamic inside_dyn_map

crypto map inside_map interface inside

isakmp enable outside

isakmp key ******** address 199.x.x.x netmask 255.255.255.255 no-xauth no-

nfig-mode

isakmp identity address

isakmp nat-traversal 20

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption des

isakmp policy 20 hash md5

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

vpngroup HRTVPN address-pool HRTVPNSS

vpngroup HRTVPN dns-server 192.168.17.32 192.168.17.60

vpngroup HRTVPN wins-server 192.168.17.60

vpngroup HRTVPN default-domain hrtransit.org

vpngroup HRTVPN idle-time 1800

vpngroup HRTVPN password ********

vpngroup VPNHRT1 address-pool VPNHRT1

vpngroup VPNHRT1 dns-server 192.168.17.32 192.168.17.60

vpngroup VPNHRT1 wins-server 192.168.17.60

vpngroup VPNHRT1 default-domain hrtransit.org

vpngroup VPNHRT1 idle-time 1800

vpngroup VPNHRT1 password ********

Thanks

213
Views
0
Helpful
0
Replies
CreatePlease to create content