I am using a Pix firewall, i have four users who will be assigned a vpn group to each one:
ip local pool vpnpool03 172.16.1.3
ip local pool vpnpool02 172.16.1.2
ip local pool vpnpool04 172.16.1.4
ip local pool vpnpool01 172.16.1.1
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto dynamic-map dynmap 20 set transform-set ESP-DES-MD5
crypto map ABCmap 20 ipsec-isakmp dynamic dynmap
crypto map ABCmap client configuration address initiate
crypto map ABCmap client authentication RADIUS
crypto map ABCmap interface outside
isakmp enable outside
isakmp key *** address 0.0.0.0 netmask 0.0.0.0
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 5000
vpngroup vpngroup01 address-pool vpnpool01
vpngroup vpngroup01 dns-server 11.131.0.16 11.131.0.14
vpngroup vpngroup01 wins-server 11.131.0.20 11.131.0.16
vpngroup vpngroup01 default-domain abc.co.za
vpngroup vpngroup01 idle-time 1800
vpngroup vpngroup01 password ***
vpngroup vpngroup03 address-pool vpnpool03
vpngroup vpngroup03 dns-server 11.131.0.16 11.131.0.14
vpngroup vpngroup03 wins-server 11.131.0.20 11.131.0.16
vpngroup vpngroup03 default-domain ABC.co.za
vpngroup vpngroup03 idle-time 1800
vpngroup vpngroup03 password ***
vpngroup vpngroup02 address-pool vpnpool02
vpngroup vpngroup02 dns-server 11.131.0.16 11.131.0.14
vpngroup vpngroup02 wins-server 11.131.0.20 11.131.0.16
vpngroup vpngroup02 default-domain ABC.co.za
vpngroup vpngroup02 idle-time 1800
vpngroup vpngroup02 password ***
vpngroup vpngroup04 address-pool vpnpool04
vpngroup vpngroup04 dns-server 11.131.0.16 11.131.0.14
vpngroup vpngroup04 wins-server 11.131.0.20 11.131.0.16
vpngroup vpngroup04 default-domain ABC.co.za
vpngroup vpngroup04 idle-time 1800
vpngroup vpngroup04 password ***
ca identity na.abc.co.za 11.13.0.16:/certsrv/mscep/mscep.dll
ca configure na.abc.co.za ra 1 10 crloptional
Any ideas?
