Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
533
Views
0
Helpful
2
Replies

HELP!!! VPN config.

dpelea
Level 1
Level 1

‎01-14-2002 12:23 AM - edited ‎02-21-2020 11:33 AM

Hello Experts!

Can somebody help me on VPN Pre shared configuration for my pix 515. The problem occurs once the user was able to connect using VPN accounts. He wasn't able to ping neither can connect to any machine that resides on my private network.

My configuration goes something like this, please tell me if I miss something.

Access-list 101 permit ip 1.0.0.0 255.0.0.0 30.0.0.0 255.0.0.0

ip local pool mypool 30.0.0.0-30.0.0.255

nat (inside) 0 access-list 129

sysopt connection permit ip-sec

no sysopt dnat

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map dynmap 10 set transform-set myset

crypto map mymap 999 ipsec-isakmp dynamic dynmap

crypto map mymap interface outside

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

vpngroup vpnuser address-pool mypool

vpngroup vpnuser dns-server Exchange DNS1

vpngroup vpnuser default-domain mydomain.com

vpngroup vpnuser idle-time 1800

vpngroup vpnuser password ********

Labels:
0 Helpful
2 Replies 2

ssvrao
Level 1
Level 1

‎01-15-2002 12:14 PM

Hi,

can he ping any ip address in the private network? if you can not ping any machine, add a default route to the client with matric 2,

regards,

raul

0 Helpful

ssvrao
Level 1
Level 1

‎01-15-2002 12:15 PM

continued....

the default gateway you add should be the inside ip address of the PIX..

regards,

Raul

0 Helpful
Customers Also Viewed These Support Documents