hi jennifer,

i am using local user database only

i am having exactly the same configuration which is there in that link.

if you are having exactly the same configuration, I really don't see a reason why it wouldn't work.

One thing to check is your global ip pool does not overlap with the ip address that you statically assign to your vpn user.

hi jenni,

i am attaching my config here , plz check and let me know the errors.

thanks

cyril

Configuration looks absolutely perfect.

Can you please try to connect and send through the following debug output:

debug cry isa

debug cry ipsec

And also advise which username you are trying to connect with and what ip address you are getting allocated when connected via vpn. Thanks.

Hi Cyril,

Have you tried to add te command "vpn-addr-assign local"? (Per doc the 'show run' does not show this commnad).

Thx

MS

hi jenni,

i am attaching the log file from asdm

and i am using remoteuser2 as a account for vpn connection and i am getting first ip address from the vpn pool.

Yeah, doesn't look like the user attributes of the static ip address is getting used, but the ip address from the global pool is assigned.

I would upgrade the ASA to the latest version of 8.2.x to see if this resolves the issue. Otherwise, if you would like to troubleshoot this further, I would suggest opening a TAC case.

hi jenni,

i got the solution.. i upgraded the asa to 8.2(5) then also the same the i change the command from

no vpn-addr-assign aaa to vpn-addr-assign aaa

then started working

thanks for ur help

cyril