Solved

Cisco Pix 515E Disable VPN

Posted on 2009-07-02
4
587 Views
Last Modified: 2012-05-07
I have a client that uses a cisco pix 515e. I am using the cisco ASDM utility for configuration. They use the cisco vpn client and they have 2 site-to-site tunnels established as well. They don't want the site-to-site tunnels established all of the time so I tried unchecking the enabled box next to either one of them in the ASDM and when I click apply I get the following error message: Error in Sending Command
 [OK] group-policy GroupPolicy1 attributes
      group-policy GroupPolicy1 attributes
[ERROR] vpn-tunnel-protocol svc
      
vpn-tunnel-protocol svc
                    ^
 % Invalid input detected at '^' marker.

[OK] configure terminal

I need to know how I can disable a particular vpn without affecting another
0
Comment
Question by:aaronbwoods
  • 2
4 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 24765355
What version of PIX code are you running?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24765374
HI,
I advise you tou disable the access-list which responsible for the vpn, it is easy to manage, if you know what time peridicly want to use check time the access-list timelist:

Configuration > Firewall > Access Rules

Configuration > Firewall > Objects > Time Ranges

Best regards,
Istvan
0
 

Author Comment

by:aaronbwoods
ID: 24835957
pix version is 6.3. I would not have any problem just disabling the access-list but the customer is going to be doing this and they would like to be able to just uncheck the enable button next to the vpn tunnel
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24852560
As a suggestion, you could script a solution to enable and disable the access list using telnet or ssh command line.    Have you given that any consideration?
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now