01-19-2011 02:35 PM
Our firm has finally made the switch from Sonicwall to Cisco for our SMB clients. I have our first customer up with a solid site-to-site VPN and have configured the main office router for Cisco VPN Client connections via the VPN wizard.
When I install the VPN Client on the desktops it does not allow inputting of all options required (less you have an SSL VPN). I am assuming there is a process I am missing for exporting a connection profile that the Cisco VPN Client users can import to make their connection.
Is there any step by step guides out there for creating the connection profile file to distribute to clients?
Solved! Go to Solution.
01-20-2011 07:34 AM
Hi,
The ASDM wizard is for the configuration on the ASA. That wizard will help you finish the VPN configuration on the ASA end.
You will have to define the same in the client, so that they can negotiate and connect.
Connection entry feild in the client is what you want it to be seen as on the VPN client - it can be any name
Host will be the outside ip address of the ASA.
Group options:
name - tunnel group name same as defined on the ASA
Password- preshared key as on ASA.
Confirm password - same preshared key.
Once you finish this you will see the client having an entry same as connection entry. you need to click on connect over there. A prompt for username and password will come. please enter the login crendentials. VPN will connect.
You can distribute the .pcf file formed in the location mentioned in the above post. once the other client receive the .pcf, they need to import it by clicking on the tab present on the VPN client.
Regards,
Anisha
01-20-2011 07:45 AM
hehe.. ok..
the link below will help understanding the user guide in more detail:
Regards,
Anisha
P.S.: please mark this post resolved if you feel your query is answered.
01-20-2011 06:56 AM
Is there a support number for resellers, or any other documentation out there on this? I really need to get some assistance on this today.
Client unhappy.
01-20-2011 07:11 AM
Hey Matthew,
When you say it does not allow you to enter all information on the client, what exactly is happening?
To import profiles to the VPN client, you need something called a .pcf file which contains all details pertaining to the connection entry. If you have one PC with the PVN client already setup, you can get the .pcf file from the install directory Profile folder and import to other client machines.
Hope that helps!!
Cheers,
Prapanch
01-20-2011 07:13 AM
Hi,
Do you mean a .pcf file where in the configuration of the Connection entry, description,host, group name and group password will be present?
You can confiigure the VPN client on single pc and then copy it from C:\Program files\Cisco Systems\VPN Client\Profiles.
You can distribute this .pcf file.
Regards,
Anisha
P.S.: please mark this thread as resolved if you think your query is answered.
01-20-2011 07:24 AM
Thanks for the reply. I figured that would be the case with the connection profile file.
When the client opens it asks for the following..
Group or Mutual Group Auth, under Group there are these options...
1.) name
2.) password
3.) confirm password
above this it asks for a host and connection entry, with description.
So when I ran the wizard in the 5505 ADSM it asked for username/password as well as pre-shared key. So I feel like I am missing something. I try entering the username/password and it connects/disconnects immediately.
01-20-2011 07:34 AM
Hi,
The ASDM wizard is for the configuration on the ASA. That wizard will help you finish the VPN configuration on the ASA end.
You will have to define the same in the client, so that they can negotiate and connect.
Connection entry feild in the client is what you want it to be seen as on the VPN client - it can be any name
Host will be the outside ip address of the ASA.
Group options:
name - tunnel group name same as defined on the ASA
Password- preshared key as on ASA.
Confirm password - same preshared key.
Once you finish this you will see the client having an entry same as connection entry. you need to click on connect over there. A prompt for username and password will come. please enter the login crendentials. VPN will connect.
You can distribute the .pcf file formed in the location mentioned in the above post. once the other client receive the .pcf, they need to import it by clicking on the tab present on the VPN client.
Regards,
Anisha
01-20-2011 07:37 AM
I am aware of the ADSM being for the CIsco unit. I am an old PIX user and have read through the manual.
You input though is very helpful. I did not know a second prompt would appear for the username/password, now all seems much more complete. I will give it a try.
01-20-2011 07:45 AM
hehe.. ok..
the link below will help understanding the user guide in more detail:
Regards,
Anisha
P.S.: please mark this post resolved if you feel your query is answered.
01-20-2011 07:52 AM
Now I have forgotten my preshared key. LOL. Is it safe to re-run the wizard or is there a place to reset the preshared key?
01-20-2011 08:07 AM
do you have access to the CLI of the ASA.
if yes, enter the command more system:running-config | b tunnel-group. you will see the pre-shared key.
If not you can go to the ASDM >Configuration > Remote Access VPN > Network Client Access > IPSec Connection profile > Select the VPN connection Profile > Edit and change the pre-shared key.
Regards,
Anisha
P.S.: Please mark this thread resolved if you feel your query is answered
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide