06-10-2006 10:58 AM - edited 02-21-2020 02:28 PM
Recently I implemented site to site VPN tunnel on my pix.. and its working fine.
i want to implement remote access VPN on existing pix.
when i try to implement remote access VPN on pix.. my existing site-to-site VPN tunnel got disconnected. than i restored back the site to site VPN config.
please help me .....i am strugling with this issue.
need syntax or any solution
kindly check the following attached config.
Thanks in advance....
06-10-2006 02:00 PM
It should work with both site-to-site tunnel as well as remote access VPN, as I do have these implemented.
You need to create a vpn IP address pool.
and decide on your authentication method:
crypto map example_map client authentication RADIUS
Define a crypto dynamic-map example2 20 set transform-set forest2
Create an additional crypto map for the dynamic connection, using a higher number, such as:
crypto map outside_map 65535 ipsec-isakmp dynamic example_2
Then create the VPN groups.
vpngroup abc address-pool vpnpool
vpngroup abc dns-server 192.168.68.x
vpngroup abc default-domain xxx.com
vpngroup abc split-tunnel Acl-101
vpngroup abc idle-time 1800
vpngroup abc password xxxxx
Sometimes, you may also need the following:
crypto map example_map client configuration address initiate
crypto map example_map client configuration address respond
06-11-2006 09:03 PM
Thanks....
prob solved..........
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide