Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco ASA 5505 VPN User account setup

I have taken over the IT work for a company that has a Cisco ASA 5505 in place for allowing off-site VPN access to their Windows network.  They have a Windows Server 2000 domain currently.  When I took over this network, I noticed that the VPN user names lined up with the user names on the Windows 2000 domain; however, recently I have added a new user to the domain and configured it exactly the same (on the Windows domain server) as another user.  I cannot use this new user name to access the Cisco VPN.

I now have access to the Cisco ASA 5505 appliance but I don't have any users configured for VPN access.  As far as I can tell, they are still able to access their VPN connections as they always have.  But I am not able to add a new VPN user currently.

Can anyone give me any clues on what I am looking for to get a new VPN client setup on this ASA?  In addition, we are in planning to update their server to Windows 2012 (or 2008 at the very least) and I will need to know how to get the clients moved over to the new server.

Any help is appreciated.


Ken Livingston

Hall of Fame Super Silver

Can you share the ASA

Can you share the ASA configuration?

You could have either external authentication to the Windows server as your AAA authentication method or local authentication that has the same usernames. In the case of the former, you could also have group membership as a condition of VPN access.

New Member

Ken, My VPN access policies



My VPN access policies are based upon the users being in specific AD security groups. I do not have any specific users even defined on my ASA.