10-10-2005 01:35 PM - edited 02-21-2020 02:02 PM
I am searching to find how to setup Client VPN access to my PIX. I have read a bunch of different VPN related posts but can't seem to quite find a reference that clearly points out the basics.
What is the easiest way to configure VPN access for a handful of VPN users ? Is there a good basic resource available ?
10-10-2005 05:28 PM
10-11-2005 12:39 PM
Here is an example config without AAA Authentication and local user authentification.
Example config:
access-list NONAT permit ip Internalnet ISubnet VPN-Pool 255.255.255.0
access-list DYN-VPN-ACL permit ip Internalnet ISubnet VPN-Pool 255.255.255.0
aaa-server LOCAL protocol local
aaa authentication secure-http-client
sysopt connection permit-ipsec
crypto ipsec transform-set TRANS esp-3des esp-md5-hmac
crypto dynamic-map outside_dyn_map 20 match address DYN-VPN-ACL
crypto dynamic-map outside_dyn_map 20 set transform-set TRANS
crypto map REMOTE 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map REMOTE client authentication LOCAL
crypto map REMOTE interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
ip local pool VPNPool x.y.z.1-x.y.z.254
vpngroup VPNGroup address-pool VPNPool
vpngroup VPNGroup dns-server dns2 dns1
vpngroup VPNGroup default-domain localdomain
vpngroup VPNGroup idle-time 1800
vpngroup VPNGroup password grouppassword
username vpnclient password vpnclient-password
See also:
Managing VPN Remote Access
sincerely
Patrick
10-19-2005 10:44 PM
just wondering how you go.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: