cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
437
Views
0
Helpful
3
Replies

Not able to Create remote access VPN in PIX through ASDM

sudhir.rai
Level 1
Level 1

Dear All,

I am trying to create remote access VPN in pix 535 through ASDM , but i am unable to do so.

I have done  all the required config ( creating group policies, creating client address pool nat exempt this ip with my internal ip , acl , and binding it....

but still  not able to create tunnel .

Firewall details are :

PIX 535
pix version 8.0(4) 32
ASDM 6.1(5)51

Please share the link or doc  if you can on how to create remote access VPN in pix 535 via  ASDM

3 Replies 3

There already few user who are using their VPN . However for one specific user i am unable to create remote access vpn

config done on firewall is

lanuser_nat0_outbound extended permit ip host 10.14.0.100 172.25.21.0 255.255.255.252
!

access-list rsudhir extended permit tcp 172.25.21.0 255.255.255.252 host 10.14.0.100 eq 3389

!

ip local pool rsudhir 172.25.21.1-172.25.21.2 mask 255.255.255.252
!

group-policy rsudhir internal
group-policy rsudhir attributes
vpn-filter value rsudhir

!

username sudhir password jCI1hKrjGVOqlHSR encrypted privilege 15
username sudhir attributes
group-lock value rsudhir

!

tunnel-group rsudhir type remote-access
tunnel-group rsudhir general-attributes
address-pool rsudhir
default-group-policy rsudhir
tunnel-group rsudhir ipsec-attributes
pre-shared-key *

Hi,

Please run the debugs debug cry isa 127 and debug crypto ips 127 and then try to connect and forward those debugs across.

Also, try removing the group-lock from the username attributes section and see if it helps in connecting.

Regards,

Prapanch

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: