vpn client non si connette

Virtual private networks e affini

Moderatore: Federico.Lagni

Rispondi
cavallo

ho configurato una vpn ipsec per accesso remoto su un asa5510 ma con vpnclient 5.00 non riesco a connettermi. Qualcuno sa dirmi dove sia l'errore? Posto la parte di configurazione relativa alla VPN.
Grazie a tutti.

crypto isakmp enable outside
access-list VPNUSERS_splitTunnelAcl standard permit any
access-list Inside172_nat0_outbound line 1 extended permit ip 0.0.0.0 0.0.0.0 172.17.22.8 255.255.255.248
username CISCO password m0EvfKE0fdcbMcvj encrypted privilege 0
username CISCO attributes
vpn-group-policy VPNUSERS
ip local pool VPNPOOL 172.17.22.10-172.17.22.15 mask 255.255.255.0
group-policy VPNUSERS internal
group-policy VPNUSERS attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPNUSERS_splitTunnelAcl
dns-server value xxx.xxx.xxx.xxx
default-domain value xxxxxxxx.com
configure terminal
tunnel-group VPNUSERS type remote-access
tunnel-group VPNUSERS general-attributes
default-group-policy VPNUSERS
address-pool VPNPOOL
tunnel-group VPNUSERS ipsec-attributes
pre-shared-key **********
crypto isakmp policy 10 authen pre-share
crypto isakmp policy 10 encrypt 3des
crypto isakmp policy 10 hash sha
crypto isakmp policy 10 group 2
crypto isakmp policy 10 lifetime 86400
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group2
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
nat (Inside172) 0 access-list Inside172_nat0_outbound tcp 0 0 udp 0
Top
Rispondi

Torna a “VPN”