Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Simple VPN Setup - 515e ?

I am searching to find how to setup Client VPN access to my PIX. I have read a bunch of different VPN related posts but can't seem to quite find a reference that clearly points out the basics.

What is the easiest way to configure VPN access for a handful of VPN users ? Is there a good basic resource available ?

  • Other Security Subjects

Re: Simple VPN Setup - 515e ?

Re: Simple VPN Setup - 515e ?

Here is an example config without AAA Authentication and local user authentification.

Example config:

access-list NONAT permit ip Internalnet ISubnet VPN-Pool

access-list DYN-VPN-ACL permit ip Internalnet ISubnet VPN-Pool

aaa-server LOCAL protocol local

aaa authentication secure-http-client

sysopt connection permit-ipsec

crypto ipsec transform-set TRANS esp-3des esp-md5-hmac

crypto dynamic-map outside_dyn_map 20 match address DYN-VPN-ACL

crypto dynamic-map outside_dyn_map 20 set transform-set TRANS

crypto map REMOTE 65535 ipsec-isakmp dynamic outside_dyn_map

crypto map REMOTE client authentication LOCAL

crypto map REMOTE interface outside

isakmp enable outside

isakmp identity address

isakmp nat-traversal 20

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

ip local pool VPNPool x.y.z.1-x.y.z.254

vpngroup VPNGroup address-pool VPNPool

vpngroup VPNGroup dns-server dns2 dns1

vpngroup VPNGroup default-domain localdomain

vpngroup VPNGroup idle-time 1800

vpngroup VPNGroup password grouppassword

username vpnclient password vpnclient-password

See also:

Managing VPN Remote Access




Re: Simple VPN Setup - 515e ?

just wondering how you go.