Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Not able to Create remote access VPN in PIX through ASDM

Dear All,

I am trying to create remote access VPN in pix 535 through ASDM , but i am unable to do so.

I have done  all the required config ( creating group policies, creating client address pool nat exempt this ip with my internal ip , acl , and binding it....

but still  not able to create tunnel .

Firewall details are :

PIX 535
pix version 8.0(4) 32
ASDM 6.1(5)51

Please share the link or doc  if you can on how to create remote access VPN in pix 535 via  ASDM

3 REPLIES
Cisco Employee

Re: Not able to Create remote access VPN in PIX through ASDM

New Member

Re: Not able to Create remote access VPN in PIX through ASDM

There already few user who are using their VPN . However for one specific user i am unable to create remote access vpn

config done on firewall is

lanuser_nat0_outbound extended permit ip host 10.14.0.100 172.25.21.0 255.255.255.252
!

access-list rsudhir extended permit tcp 172.25.21.0 255.255.255.252 host 10.14.0.100 eq 3389

!

ip local pool rsudhir 172.25.21.1-172.25.21.2 mask 255.255.255.252
!

group-policy rsudhir internal
group-policy rsudhir attributes
vpn-filter value rsudhir

!

username sudhir password jCI1hKrjGVOqlHSR encrypted privilege 15
username sudhir attributes
group-lock value rsudhir

!

tunnel-group rsudhir type remote-access
tunnel-group rsudhir general-attributes
address-pool rsudhir
default-group-policy rsudhir
tunnel-group rsudhir ipsec-attributes
pre-shared-key *

Cisco Employee

Re: Not able to Create remote access VPN in PIX through ASDM

Hi,

Please run the debugs debug cry isa 127 and debug crypto ips 127 and then try to connect and forward those debugs across.

Also, try removing the group-lock from the username attributes section and see if it helps in connecting.

Regards,

Prapanch

260
Views
0
Helpful
3
Replies
CreatePlease login to create content