Re: How to add remote VPN Access with Site-to-Site Tunnel...

imtiaz_s · ‎06-10-2006

Recently I implemented site to site VPN tunnel on my pix.. and its working fine.

i want to implement remote access VPN on existing pix.

when i try to implement remote access VPN on pix.. my existing site-to-site VPN tunnel got disconnected. than i restored back the site to site VPN config.

please help me .....i am strugling with this issue.

need syntax or any solution

kindly check the following attached config.

Thanks in advance....

eppiet · ‎06-10-2006

It should work with both site-to-site tunnel as well as remote access VPN, as I do have these implemented.

You need to create a vpn IP address pool.

and decide on your authentication method:

crypto map example_map client authentication RADIUS

Define a crypto dynamic-map example2 20 set transform-set forest2

Create an additional crypto map for the dynamic connection, using a higher number, such as:

crypto map outside_map 65535 ipsec-isakmp dynamic example_2

Then create the VPN groups.

vpngroup abc address-pool vpnpool

vpngroup abc dns-server 192.168.68.x

vpngroup abc default-domain xxx.com

vpngroup abc split-tunnel Acl-101

vpngroup abc idle-time 1800

vpngroup abc password xxxxx

Sometimes, you may also need the following:

crypto map example_map client configuration address initiate

crypto map example_map client configuration address respond

imtiaz_s · ‎06-11-2006

Thanks....

prob solved..........