i have 2 pixes (501) and 1 pix is VPN serverThere is VPN site - to - site
i am trying to connect ftrom home connection is OK but i can not use Remote admin (like before) - before i had VPN server only - n site to site - i was doing the same things like www.cisco .cotutorial and does not work
this is my config
Office interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 100 permit ip 192.168.1.0 255.255.255.0 50.50.67.112
255.255.255.240 access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.7.0 255.255.255.0 access-list 110 permit ip 192.168.1.0 255.255.255.0 50.50.67.112 255.255.255.240 ip local pool test 192.168.7.1-192.168.7.5 nat (inside) 0 access-list 100 ip address outside 60.60.192.18 255.255.255.240 ip address inside 192.168.1.1 255.255.255.0 sysopt connection permit-ipsec crypto ipsec transform-set myset esp-3des esp-md5-hmac crypto dynamic-map dynmap 30 set transform-set myset crypto map newmap 10 ipsec-isakmp crypto map newmap 10 match address 110 crypto map newmap 10 set peer 50.50.66.239 crypto map newmap 10 set transform-set myset crypto map newmap 20 ipsec-isakmp dynamic dynmap crypto map newmap interface outside isakmp enable outside isakmp key ********* address 50.50.66.239 netmask 255.255.255.255 no-xauth no-config-mode isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash md5 isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 vpngroup Mygroup address-pool test vpngroup Mygroup dns-server 192.168.1.2 vpngroup Mygroup wins-server 192.168.1.2 vpngroup Mygroup default-domain company.com.com vpngroup Mygroup idle-time 1800 vpngroup Mygroup password gr@ppl3Office2
interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 100 permit ip 50.50.67.112 255.255.255.240 192.168.1.0
255.255.255.0 nat (inside) 0 access-list 100 ip address outside 50.50.66.239 255.255.255.0 ip address inside 192.168.1.1 255.255.255.0 sysopt connection permit-ipsec crypto ipsec transform-set myset esp-3des esp-md5-hmac crypto map newmap 10 ipsec-isakmp crypto map newmap 10 match address 100 crypto map newmap 10 set peer 60.60.192.18 crypto map newmap 10 set transform-set myset crypto map newmap interface outside isakmp enable outside isakmp key ********* address 60.60.192.18 netmask 255.255.255.255 no-xauth no-config-mode isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash md5 isakmp policy 10 group 2 isakmp policy 10 lifetime 86400