Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX VPNGROUP - Many users per group


When configure PIX to VPN client 3.x , we use the command vpngroup.

How about if I have 20 VPN client users, does it mean I need to create 20 vpngroup XX profile ?

Can we have multiple users in one group and assign individual user with unique username/password ?

Just like the vpndn command for PPTP.


Cisco Employee

Re: PIX VPNGROUP - Many users per group

You can certainly have more than one user per group. All you need to do is the following:

vpngroup address-pool ippool

vpngroup dns-server

vpngroup wins-server

vpngroup default-domain

vpngroup password

Then define the group in all your users VPn client connection profiles. To set up authentication locally on teh PIX, just add the following:

crypto map client authentication LOCAL

username password

You can have as many username/password combinations as you like.

The only thing you can't do is have one group use local authentication and another group use say, TACACS or Radius authentication, every group has to use the same authentication mechanism, but as I said, you can have one group or multiple groups, it's up to you.

New Member

Re: PIX VPNGROUP - Many users per group

Thanks a lot !

Best Regards.

CreatePlease to create content