Reading over this forum, seems everyone has trouble setting up VPN access on the SA540. I'm no different.
One thing I DID figure out is, the QuickVPN client works much better if you delete any IKE and/or VPN profiles first. Seems backwards I know, but if there's a manual setup in the SA540, QuickVPN sits there and gives me errors all day long. Remove setup, and it works.
Now my particular issue is, I need to establish IPSec or SSL VPN with Windows 7 / XP built-in VPN. QuickVPN users can't be stored remotely on a RADIUS server, and this is an issue I can't work around.
I'm thinking there's a connection issue due to the "local gateway" and "remote endpoint" settings. No idea what these should be set to, and the Admin Guide didn't help. As far as I can tell, there isn't a remote endpoint setting to be had, because these are remote users connecting from random IPs from across the internet.
Second issue is, having some serious trouble getting certificates to work. We don't have a PKI established anyway, but I created a lab setup with Server 2008 R2 and managed to create and upload a local cert, machine cert (to client) and a private CA cert. The SA took the pertinent certs, but client VPN either says "server certificate is not trusted" in the case of QuickVPN, or if I try connecting over L2TP/IPSec "tunnel failed - a certificate chain started processing but failed". Very annoying.