12-15-2009 12:15 PM
Hi
I have a problem to configure a IPSEC VPN on the SA520W ( 1.0.39) with Cisco VPN Client (5.0.05.290)
In the logs are following error:
ERROR: Could not find configuration for x.x.x.x
ERROR: Could not find configuration for x.x.x.x
ERROR: Could not find configuration for x.x.x.x
ERROR: Could not find configuration for x.x.x.x
I think it´s a problem in the configuration:
connection name: OK
pre-shared key: OK
local wan interface: OK
For "Remote & Local WAN Adresses" i don´t now what they mean.
Thanks for help
12-15-2009 11:11 PM
Unfortunately the SA will only work with QuickVPN and will not work with Cisco VPN clients. The Cisco VPN clients typically are setup with groups and users, similar to QVPN (minus the groups) but also with access rules depending on what the client is allowed to connect to. The SA and all the Small Business routers do not have these settings.
The screenshot that you posted is to set up a Client to Gateway IPSec tunnel. The "Remote and Local" addresses would be referencing your router's WAN to accept the connection (if you have multiple public IPs) and the Client's WAN IP. Again, we can't use this set up for client access (as in workstation) for either Cisco or QVPN.
For QVPN you just need to create users under the IPSec section, then users. When you create an user select QVPN and fill in the rest.
Hope this helps.
12-16-2009 01:09 AM
is it planned that in future the cisco vpn client works with the sa520?
because in our company we use the asa 5510 and i use the sa520 at home and it is possible that i can use 1 vpn client for both systems
can i create a site2site connection between an asa55xx and a sa520?
thanks
12-19-2009 11:57 PM
I do not beleive we will be seeing a Cisco VPN client that will cover all platforms any time soon, but you never know. Yes, you can absolutely create a Gateway to Gateway tunnel to any IPSec capable router.
EDIT:
forgot to mention that shrewsoft vpn client should work for the ASA; it works perfect with the SA500 series routers. That should give you one VPN client for both sites without having to be locked down to gateway-to-gateway.
02-12-2010 02:29 AM
Hi, I would like your help why I have problem with vpn configuration with Shrewsoft to SA 520.
On Cisco appliance I have configured an VPN with ipsec user and PSK but when I try to connect I have in log:
2010-02-12 09:04:55: INFO: Adding IPSec configuration with identifier "damorvpn" 2010-02-12 09:04:55: INFO: Adding IKE configuration with identifer "myvpn" 2010-02-12 10:14:05: ERROR: Could not find configuration for 217.x.y.z[500]
I have used the default parameter on Cisco and in vpn client I have used:
Authentication Method --> Mutual PSK+XAuth
Identification Type: FQDN --> local.com
Remote Identity: Any
..and all parameters are default.
On Shrewsoft I have:
config loaded for site 'myvpn'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...
I very much hope in a your help, thanks.
-
Salvatore.
03-21-2010 05:08 PM
Can you post a config example between a SA520 and an ASA5510 IPSec VPN?
12-12-2011 11:58 PM
Hey I' ve got the Solution. it really works, I've searched for a solution as well and couldn' t find it on the web. I' ve made a Howto in PDF but sorry can't upload it here. I' ve used a Cisco SA520W device with Firmware version 2.1.71 and Cisco VPN-Client version 5.0.07.041. If anybody want my Howto shell PM me.
12-13-2011 12:16 AM
05-20-2012 12:25 PM
Hi Thanks for posting those screen shots. I will really help me out in my test deployments. No only if the Cisco AnyConnect VPN system that is on the ISR/ASA could be posted over to the SA5xx.
That would make our lives so much easier.
Michael Peterman
12-24-2012 09:17 AM
From what I understand, the SA520 is supposed to be able to use the Cisco VPN Client. I've configured according to the pictures above but to no avail. I updated to firware version 2.2.0.7, but still nothing. Are there any special settings in the Cisco VPN client that I need, or a certain verison that I have to use?
To give some background. The SA520 that I have was preloaded with 2.1.72 and the Cisco VPN client worked great, but I could not do any VPN passthrough for a PPTP server. Reverted it back to 2.1.71 (it was the only supported version at the time, and it broke the Cisco VPN client but fixed the PPTP). So I know the config I have is good, but the change in firmware "screwed" me.
Are there any other suggestions on setup rather than using the wizard and checkin the Cisco VPN client box to help with setup?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide