Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Setting up VPN with VPN Client - no RADIUS

What commands would I need to enter to allow my users (a hand full) to connect via VPN to a 506E using the Cisco VPN client. I do not have a RADIUS server. Can I setup local authentication for this? If not, how would my users authenticate?

Thanks.

3 REPLIES
Silver

Re: Setting up VPN with VPN Client - no RADIUS

Pls refer this link for sample config

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008009484e.shtml

and yes local authentication is possible.

Regds

New Member

Re: Setting up VPN with VPN Client - no RADIUS

Thanks for the reply. I did see that but was a little worried that it was a different VPN client. Is this the same as the Cisco VPN client?

Is the Cisco VPN Client the same as the Cisco VPN Secure VPN Client? The client I have it totally different and can't see where I would set this up. My VPN client's icon is a padlock.

Do I need to use a different client to connect this way (as opposed to with a RADIUS server)?

Thanks.

Gold

Re: Setting up VPN with VPN Client - no RADIUS

pix can authenticate remote user against its local database. the local database is created by the command "username xxx password xxx".

below is the sample codes for configuring remote vpn access for pix v6.x.

access-list 101 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0

access-list 120 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0

nat (inside) 0 access-list 101

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

isakmp identity address

isakmp nat-traversal 20

crypto ipsec transform-set vpnset esp-3des esp-md5-hmac

ip local pool ippool 10.1.1.11-10.1.1.21

vpngroup vpnclient address-pool ippool

vpngroup vpnclient idle-time 1800

vpngroup vpnclient password cisco456

vpngroup vpnclient split-tunnel 120

crypto dynamic-map dynmap 10 set transform-set vpnset

crypto map remote_vpn 20 ipsec-isakmp dynamic dynmap

username cisco password cisco123

aaa-server LOCAL protocol local

crypto map remote_vpn client authentication LOCAL

crypto map remote_vpn client configuration address initiate

crypto map remote_vpn client configuration address respond

102
Views
0
Helpful
3
Replies
CreatePlease to create content