Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PFS on PIX---Cisco VPN client connection

Does any body try to enable PFS on PIX to Cisco VPN connection. I'm not sure did i do it right or not, but everytime when i enable the PFS function on the PIX, and I try to create a connection from the client, i always get stuck at the last stage, which is saying "Securing Communication Channel".

here is my code on the PIX506

crypto dynamic-map dynmap 50 set transform-set SyscomNYSet

crypto dynamic-map dynmap 50 set pfs group2

are there anything else i need beside the second line?

any suggestion or tip would be appreciate.

Actually i try this on IOS(router) with VPN client connected to it, it works fine.

thank you

Silvia

1 REPLY
New Member

Re: PFS on PIX---Cisco VPN client connection

There is another command in the PIX you need add in to make it working.

"vpngroup pfs"

I just tried it on my PIX with 6.2.1 code, it did work.

Best Regards,

Paul Qiu

397
Views
0
Helpful
1
Replies
CreatePlease to create content