Is there a basic setup using the VPN wizard for the Cisco pix 506e

This works but then read what I put at the end. Thanks

Stepping through the Wizard:
  Select type: Remote AccessVPN
   Select interface: outside
 * Cisco VPN client
  Group Name:  MYVPNGROUP
  * Pre shared key
  Enable Extended Client Authentication  <== uncheck this box
  nothing is checked on this page
 Pool name:  MYVPNPOOL
  Range start:
  Fill in your local primary DNS server, WINS server and default domain name
 Select:  3DES |  MD5  | Group2(1024bit)
 3DES  | MD5
  *ip address
    Interface inside
    ip address  <== whatever is your local LAN
 Add >>
  X Enable split tunneling

When you setup the client:
New Entry
  Connection:  <whatever>
  Descript:  <whatever>
  Host:  OUTSIDE IP of PIX
  * Group auth
       Name: MYVPNGROUP
       Pass:  mygrouppassword
       Confirm: mygrouppassword
Transport Tab
  X Enable Transparent Tunneling
     * IpSec over UDP (NAT/PAT)

You should not see another username/password prompt again. It should just connect staight away.
You may have to enable NAT Traversal.
From the Main GUI window, VPN tab
        Right about the center of the window there is a chekbox
                                     [X] Enable NAT traversal


Thank you, you definetly have me on the right track. However, setting it up with your config it worked fine until I change something and then nothing will work. I have to completely reset the 506/E and then run the VPN wizard again using your config and it will connect. I tried changing the IP address pool to mine with your config and then it won't work. If I try to go back to your pool it still won't work. I again have to completely reset the 506/E and then run the wizard again. It seems like if I change anything I then have to go back and reset the Pix and start over.
Who is Participating?
lrmooreConnect With a Mentor Commented:
Are you still working on this?
Have you found a solution?
Do you need more information?

This question will be classified as abandoned soon if we don't get some feedback from you.

Can you close out this question? See here for details:

Thanks for your attention!
So, if you run the wizard, but change the pool to something else, like, then it won't work?
I just pulled arbitrary numbers out of a hat for the example.
It does not like it if you try to use the pool from the same subnet as your local lan.
If you want to change it after you run the wizard, it is best to do it from the command line. This way you can remove the crypto map from the interface, make your changes, then reapply the map to the interface.

If you start fresh from the top with your own ip pool, group name and password, then it won't work?
If you change it on the PIX, then you have to change it on the client, too..

If it works just this way, why change it?

itspecearthlinkAuthor Commented:
Thanks, makes sense. and yes I was using a pool from the same subnet as the local lan
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

I am doing the same thing above with a 501 Pix. I am tryingto create a VPN conection with the wizard. I have followed the steps abovr and I still get a 412 error VPN, the local peer is no longer responding. Can I not connect from inside my network? Do I have to be remote?

You should post your own question, but the answer is simple. Yes, you must actually be physically remote. You cannot connect to the outside interface from inside your network to test.
itspecearthlinkAuthor Commented:
Sorry.... Yes The above solved my problem and I am able to connect with no problem
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.