1. Home
  2. Networking Firewalls
  3. PIX 501 VPN connection problem

PIX 501 VPN connection problem

Hi,

I have set up a new PIX 501 (with 10 VPN licenses) at home to protect my own network. I have configured VPN via PDM for L2TP and "Cisco" VPN.

Unfortunatelly I can't yet connect to it either via Cisco VPN client or standard Windows XP L2TP connection from outside.

Hereby I attach an excerpt from the configuration (I have removed nat and access-list lines as this part is working fine):

icmp deny any outside mtu outside 1500 mtu inside 1500 ip local pool VPN_Pool 10.10.10.33-10.10.10.42 arp timeout 14400 aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server LOCAL protocol local floodguard enable fragment chain 1 sysopt connection permit-ipsec sysopt connection permit-l2tp crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20 crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40 crypto dynamic-map outside_dyn_map 40 set transform-set TRANS_ESP_3DES_SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map client authentication LOCAL crypto map outside_map interface outside isakmp enable outside isakmp key ******** address 0.0.0.0 netmask 0.0.0.0 isakmp policy 20 authentication pre-share isakmp policy 20 encryption 3des isakmp policy 20 hash sha isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 vpngroup Otthon address-pool VPN_Pool vpngroup Otthon idle-time 1800 vpngroup Otthon password ******** telnet timeout 5 ssh timeout 5 console timeout 0 vpdn group L2TP-VPDN-GROUP accept dialin l2tp vpdn group L2TP-VPDN-GROUP ppp authentication mschap vpdn group L2TP-VPDN-GROUP client configuration address local VPN_Pool vpdn group L2TP-VPDN-GROUP client authentication local vpdn group L2TP-VPDN-GROUP l2tp tunnel hello 60 vpdn username phrobar password ********* vpdn enable outside username phrobar password Wny2wTtW4X19NXi0 encrypted privilege 15 terminal width 80 Cryptochecksum:d6ac6ef64cb19c50915c4c4f2b3cca25 : end [OK]

Any help would be appreciated!

Reply to
peter.hrobar
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.