I need some help going thru this configuration. Previous post, I would like the head quarter PIX 515 configure so that it can accept Cisco VPN client and at the same time l2l with a remote office. I tested out the VPN client and it does not accept username in Windows active directory. But will accept local username within the pix. For my l2l, it does not work. Please review the config in attachment and see if you find something wrong.
The pix code 6.3.5 will not talk to Active Directory. You must install MS IAS server (RADIUS) so that the VPN clients can talk to the IAS then IAS will talk to the AD.
On the cisco site look for 'ipsec configuration examples' and you will find a page full of IPSEC configuration examples on every cisco device (well, nearly) you will also find configuration of IAS to talk to PIX.
Thank you for your respond. My 515E pix has version 7.1.2. It is the pix that is acting as the concentrator or the end point for the Cisco vpn clients. I configured it to use radius and it is point to a windows 2000 radius server (IAS). Previously, when i setup vpn client using ADSM, it works fine but the configurations seems not very clean. By the way, my l2l is up and working. The reason it was not working because the remote office turn off the computer. Right now, i am still having problem with the client VPN. I configure local vpn user and i can vpn but i can not access any resources. Not sure if it has anything to do with my ip pool or the access list. Also, I am attached the debug. level 1-255 debug? I turned on level 7.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :