Help with configuring VPN on Cisco PIX 515

I have a client that has a PIX, and I have very very little experience with
these beasts.  All I need to do is create a couple VPN accounts for some
engineers that want to work remotely.  There is already one account that is
working so I know that VPN is already configured.  I'm hoping this is a
super easy task, and I'm assuming it is, but like I said, I just don't have
the experience with PIX.  Can anyone help??

_________________________________________________________________
PC Magazine’s 2007 editors’ choice for best Web mail—award-winning Windows
Live Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migration_HM_mini_pcmag_0507

Use the GUI, there is a Remote Access VPN Wizard in there, which will
simplify this process for you.

Chris Serafin
Security Engineer
chris@...


Matt Atkins wrote:

Is that the Cisco PDM??



_________________________________________________________________
Catch suspicious messages before you open them—with Windows Live Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migration_HM_mini_protection_0507

No, it is ASDM. But I usually don't recommend using ASDM if you are not
familiar with the command lines. If you could paste the current config
that will be great. Take look below...

group-policy HQ-RA-VPN-POLICY internal
group-policy HQ-RA-VPN-POLICY attributes
 dns-server value 10.1.2.3
vpn-tunnel-protocol IPSec
 default-domain value mytest.com
tunnel-group HQ-RA-VPN-GROUP type ipsec-ra
tunnel-group HQ-RA-VPN-GROUP general-attributes
 address-pool VPN
 authentication-server-group HQ
 default-group-policy HQ-RA-VPN-POLICY
tunnel-group HQ-RA-VPN-GROUP ipsec-attributes
 pre-shared-key *

-----Original Message-----
From: listbounce@... [mailto:listbounce@...]
On Behalf Of Matt Atkins
Sent: Thursday, May 24, 2007 6:58 PM
To: chris@...
Cc: firewalls@...
Subject: Re: Help with configuring VPN on Cisco PIX 515

Is that the Cisco PDM??



>>with these beasts. All I need to do is create a couple VPN accounts
for
>>some engineers that want to work remotely. There is already one
account
>>that is working so I know that VPN is already configured. I'm hoping
this
>>is a super easy task, and I'm assuming it is, but like I said, I just
>>don't have the experience with PIX. Can anyone help??
>>
>>_________________________________________________________________
>>PC Magazine's 2007 editors' choice for best Web mail-award-winning
Windows
>>Live Hotmail.
>>http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_mi
gration_HM_mini_pcmag_0507
>>
>>
>>
>>
>>.
>>
>

_________________________________________________________________
Catch suspicious messages before you open them-with Windows Live
Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migr
ation_HM_mini_protection_0507




This message is intended only for the personal and confidential use of the recipients named above. If the reader of this email is not the intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and permanently delete the copy you received.

This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments. CTC Holdings nor any affiliates ("CTC") are responsible for any recommendation, solicitation, offer or agreement or any information about any transaction, customer account or account activity that may be attached to or contained in this communication. CTC accepts no liability for any content contained in the email, or any errors or omissions arising as a result of e-mail transmission. Any opinions contained in this email constitute the sender's best judgment at this time and are subject to change without notice.

 

Yes, The PDM for 6.x PixOS and the ASDM for 7.x code.

Chris Serafin
Security Engineer
chris@...



Matt Atkins wrote:

Look in configuration for a username (cisco client) or vpdn
username(microsoft client). These commands creates users into de local
database of the pix.

-----Mensaje original-----
De: listbounce@... [mailto:listbounce@...] En
nombre de Matt Atkins
Enviado el: jueves, 24 de mayo de 2007 23:44
Para: firewalls@...
Asunto: Help with configuring VPN on Cisco PIX 515

I have a client that has a PIX, and I have very very little experience with
these beasts.  All I need to do is create a couple VPN accounts for some
engineers that want to work remotely.  There is already one account that is
working so I know that VPN is already configured.  I'm hoping this is a
super easy task, and I'm assuming it is, but like I said, I just don't have
the experience with PIX.  Can anyone help??

_________________________________________________________________
PC Magazine's 2007 editors' choice for best Web mail-award-winning Windows
Live Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migratio
n_HM_mini_pcmag_0507

What are the exact commands to create new users?  I do see the existing
users in the config.

Thanks for the help.

Matt Atkins


_________________________________________________________________
More photos, more messages, more storage—get 2GB with Windows Live Hotmail.
http://imagine-windowslive.com/hotmail/?locale=en-us&ocid=TXT_TAGHM_migration_HM_mini_2G_0507