PIX 506 con 7.1

Virtual private networks e affini

Moderators: Federico.Lagni, Wizard, tonycimo, MaiO, CiscoBoy

PIX 506 con 7.1

Postby S0nic » Tue 15 Oct , 2019 11:52 am

Ciao a tutti,

ho un vecchio PIX 506 sul quale gira la 7.1(2)
con le precedenti versioni 6.X nessun problema con le VPN
ma adesso riscontro difficoltà, o meglio non riesco proprio a tirare su una VPN L2TP Client to Site

qualcuno può aiutarmi con qualche config ?

Grazie in anticipo!
S0nic
Cisco power user
 
Posts: 90
Joined: Sat 18 Feb , 2012 4:19 pm

Re: PIX 506 con 7.1

Postby S0nic » Tue 15 Oct , 2019 4:23 pm

ho provato la seguente config ma purtroppo riscontro un errore nelle ultime righe
allego errore e si seguito configurazione

Spero che qualcuno possa aiutarmi

Code: Select all
pix(config-tunnel-ipsec)# tunnel-group DefaultRAGroup ppp-attributes
                                                          ^
ERROR: % Invalid input detected at '^' marker.
pix(config-tunnel-ipsec)#  no authentication chap
                                      ^
ERROR: % Invalid input detected at '^' marker.
pix(config-tunnel-ipsec)#  authentication ms-chap-v2
                                   ^
ERROR: % Invalid input detected at '^' marker.


config
Code: Select all

ip local pool clientVPNpool 10.4.5.10-10.4.5.20 mask 255.255.255.0

group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 dns-server value 8.8.8.8
 vpn-tunnel-protocol ipsec
 default-domain value domain.net

crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto dynamic-map outside_dyn_map 20 set transform-set TRANS_ESP_3DES_MD5

crypto map outside_map 20 ipsec-isakmp dynamic outside_dyn_map

crypto map outside_map interface outside

crypto isakmp enable outside
crypto isakmp nat-traversal 20


crypto isakmp policy 10 authentication pre-share
crypto isakmp policy 10 encryption 3des
crypto isakmp policy 10 hash sha
crypto isakmp policy 10 group 2
crypto isakmp policy 10 lifetime 86400


tunnel-group DefaultRAGroup general-attributes
 address-pool clientVPNpool
 authentication-server-group (outside) LOCAL


default-group-policy DefaultRAGroup


tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *

tunnel-group DefaultRAGroup ppp-attributes
 no authentication chap
 authentication ms-chap-v2



Code: Select all
# sh ver

Cisco PIX Security Appliance Software Version 7.1(2)

Compiled on Tue 14-Mar-06 17:00 by dalecki
System image file is "flash:/pix712.bin"
Config file at boot was "startup-config"

S0nic
Cisco power user
 
Posts: 90
Joined: Sat 18 Feb , 2012 4:19 pm


Return to VPN

Who is online

Users browsing this forum: No registered users and 0 guests

cron