Setup Cisco VPN Client access on an ASA 5512-x not working

I have tried repeated to setup Cisco Vpn Client access on a Cisco ASA 5512-x with no success.  Have even tried getting Cisco techs to help again without success.  Is there anyone out there that has experience with this?
davidgeeeeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Patrick BogersDatacenter platform engineer LindowsCommented:
Please upload your config but first strip your passwords out.
0
davidgeeeeAuthor Commented:
SETFW# sh run
: Saved
:
ASA Version 8.6(1)2
!
hostname SETFW
domain-name sfcu.local
enable password ngK4FpmdDvb1KBKL encrypted
passwd ngK4FpmdDvb1KBKL encrypted
names
!
interface GigabitEthernet0/0
 description Outside
 nameif Outside
 security-level 0
 ip address 24.213.xx.46 255.255.255.252
!
interface GigabitEthernet0/1
 description Inside
 nameif Inside
 security-level 100
 ip address 192.168.41.253 255.255.255.0
!
interface GigabitEthernet0/2
 shutdown
 no nameif

 no security-level

 no ip address
!
interface GigabitEthernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.3 255.255.255.0

 management-only
!
boot system disk0:/asa861-2-smp-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
 domain-name sfcu.local
same-security-traffic permit intra-interface
object network vpnsourcesubnets
 subnet 192.168.41.0 255.255.255.0
object network vpndestinations
 subnet 192.168.42.0 255.255.255.0
object network obj-192.168.41.5
 host 192.168.41.5
object network NETWORK_OBJ_192.168.40.0_23
 subnet 192.168.40.0 255.255.254.0
object network NETWORK_OBJ_192.168.41.224_28
 subnet 192.168.41.224 255.255.255.240
object service SMTP
 service tcp source eq smtp
object network obj-192.168.41.10
 host 192.168.41.10
object service IMAPS

 service tcp source eq 993
object service POP3
 service tcp source eq pop3
object service IMAP4
 service tcp source eq imap4
object service POP3S
 service tcp source eq 995
object service obj-https
 service tcp source eq https
object network NETWORK_OBJ_10.10.10.0_28
 subnet 10.10.10.0 255.255.255.240
access-list encryptACL extended permit ip 192.168.41.0 255.255.255.0 192.168.42.0 255.255.255.0
access-list Outside_access_in extended permit tcp any host 192.168.41.10 eq https
access-list Outside_access_in extended permit ip any host 192.168.41.10
access-list Outside_access_in extended permit tcp any host 192.168.41.5 eq smtp
access-list split standard permit 192.168.41.0 255.255.255.0
pager lines 24
logging enable
logging buffer-size 1048576
logging buffered debugging
logging asdm informational
mtu Outside 1500
mtu Inside 1500
mtu management 1500

ip local pool vpn 192.168.40.6-192.168.41.10 mask 255.255.255.0
ip local pool BradScott 192.168.41.230-192.168.41.235 mask 255.255.255.0
ip local pool VPNPool 10.10.10.5-10.10.10.10 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
nat (Inside,Outside) source static obj-192.168.41.10 interface service obj-https obj-https
nat (Inside,Outside) source static obj-192.168.41.10 interface service POP3S POP3S
nat (Inside,Outside) source static obj-192.168.41.10 interface service POP3 POP3
nat (Inside,Outside) source static obj-192.168.41.10 interface service IMAP4 IMAP4
nat (Inside,Outside) source static obj-192.168.41.10 interface service IMAPS IMAPS
nat (Inside,Outside) source static obj-192.168.41.5 interface service SMTP SMTP
nat (Inside,Outside) source static vpnsourcesubnets vpnsourcesubnets destination static vpndestinations vpndestinations no-proxy-arp route-lookup
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_192.168.41.224_28 NETWORK_OBJ_192.168.41.224_28 no-proxy-arp route-lookup
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_192.168.40.0_23 NETWORK_OBJ_192.168.40.0_23 no-proxy-arp route-lookup
nat (Outside,Outside) source dynamic NETWORK_OBJ_192.168.40.0_23 interface
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_10.10.10.0_28 NETWORK_OBJ_10.10.10.0_28 no-proxy-arp route-lookup
!
nat (Inside,Outside) after-auto source dynamic any interface
access-group Outside_access_in in interface Outside
route Outside 0.0.0.0 0.0.0.0 24.213.xx.45 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http 0.0.0.0 0.0.0.0 Inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set VPNset esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac

crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set L2TP ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map emap 20 match address encryptACL
crypto map emap 20 set peer 71.13.110.26
crypto map emap 20 set ikev1 transform-set VPNset
crypto map emap 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map emap interface Outside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 fqdn settlers.com
 subject-name CN=SETFW.sfcu.local,O=Settlers Federal Credit Union,C=US
 crl configure
crypto ikev1 enable Outside
crypto ikev1 policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 1800
telnet 0.0.0.0 0.0.0.0 Inside
telnet timeout 5
ssh timeout 5

console timeout 0
management-access Inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
 anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
 anyconnect enable
group-policy BradScott internal
group-policy BradScott attributes
 wins-server value 192.168.41.10
 dns-server value 192.168.41.10
 vpn-tunnel-protocol ikev1 ikev2 ssl-client
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split
 default-domain value sfcu.local
group-policy Bradford internal
group-policy Bradford attributes
 dns-server value 24.213.60.93 8.8.8.8
 vpn-tunnel-protocol ikev1
 default-domain value sfcu.local
group-policy BradScottVPN internal
group-policy BradScottVPN attributes
 dns-server value 24.213.60.93 8.8.8.8

 vpn-tunnel-protocol ikev1 l2tp-ipsec
 default-domain value sfcu.local
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 dns-server value 192.168.41.10
 vpn-tunnel-protocol l2tp-ipsec
 default-domain value sfcu.local
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
username Bradford2 password OwXhtJaJ5GjHsr2z encrypted privilege 15
username bradscott password hu7kXAHXA8wbGi1Bt5DBIw== nt-encrypted privilege 0
username bradscott attributes
 vpn-group-policy DefaultRAGroup
username bsset password tOqCpC5z7Y58/NZ9 encrypted privilege 15
username 906admin password JzgQej1vXGNhZy5G encrypted
username 906tech password FFdr21Do.ETFHxn3 encrypted privilege 15
username cisco password ffIRPGpDSOJh9YLq encrypted privilege 15
tunnel-group DefaultRAGroup general-attributes
 address-pool vpn
 default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v2

tunnel-group 71.13.110.26 type ipsec-l2l
tunnel-group 71.13.110.26 ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group BradScott type remote-access
tunnel-group BradScott general-attributes
 address-pool BradScott
 default-group-policy BradScott
tunnel-group BradScott webvpn-attributes
 group-alias BradScott enable
tunnel-group BradScott ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group BradScottVPN type remote-access
tunnel-group BradScottVPN general-attributes
 address-pool VPNPool
 default-group-policy BradScottVPN
tunnel-group BradScottVPN ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group Bradford type remote-access
tunnel-group Bradford general-attributes
 address-pool VPNPool
 default-group-policy Bradford
tunnel-group Bradford ipsec-attributes
 ikev1 pre-shared-key *****
!

class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options

  inspect icmp
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:512622cb03ad0bb4711c1beda1abf375
0
HalldorGCommented:
Think natting is missing for the vpn access
The BradScottVPN  looks closest to correct

Note the Address pool should not be part of the inside network
And the no nat for the vpn is needed

This looks reversed

Look like


object network inside-network
   subnet 192.168.41.0 255.255.255.0
object network vpn-pool-network
    subnet 10.10.10.0 255.255.255.240

pool the-vpn-pool 10.10.10.1 10.10.10.14 netmask 255.255.255.240

nat (Inside,Outside) source static inside-network inside-network  destination static  vpn-pool-network vpn-pool-network

access-list split permit 192.168.41.0 255.255.255.0


tunnel-group BradScottVPN type remote-access
tunnel-group BradScottVPN general-attributes
 address-pool VPNPool ------------------------>>>> change to vpn-pool
 default-group-policy BradScottVPN
tunnel-group BradScottVPN ipsec-attributes
 ikev1 pre-shared-key *****

group-policy BradScottVPN internal
group-policy BradScottVPN attributes
 dns-server value 24.213.60.93 8.8.8.8

 vpn-tunnel-protocol ikev1 l2tp-ipsec
 default-domain value sfcu.local


Just add
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split

And this should be close to correct
0
Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

davidgeeeeAuthor Commented:
Thanks I'll try this in the morning!
0
davidgeeeeAuthor Commented:
Cisco VPN client give this error:

Secure VPN Connection terminated locally by the Client.
Reason 412: The remote peer is no longer responding.




I think I entered things the way you suggested.  See Config below:

SETFW# sh run
: Saved
:
ASA Version 8.6(1)2
!
hostname SETFW
domain-name sfcu.local
enable password ngK4FpmdDvb1KBKL encrypted
passwd ngK4FpmdDvb1KBKL encrypted
names
!
interface GigabitEthernet0/0
 description Outside
 nameif Outside
 security-level 0
 ip address 24.213.24.46 255.255.255.252
!
interface GigabitEthernet0/1
 description Inside
 nameif Inside
 security-level 100
 ip address 192.168.41.253 255.255.255.0
!
interface GigabitEthernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.3 255.255.255.0
 management-only
!
boot system disk0:/asa861-2-smp-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
 domain-name sfcu.local
same-security-traffic permit intra-interface
object network vpnsourcesubnets
 subnet 192.168.41.0 255.255.255.0
object network vpndestinations
 subnet 192.168.42.0 255.255.255.0
object network obj-192.168.41.5
 host 192.168.41.5
object network NETWORK_OBJ_192.168.40.0_23
 subnet 192.168.40.0 255.255.254.0
object network NETWORK_OBJ_192.168.41.224_28
 subnet 192.168.41.224 255.255.255.240
object service SMTP
 service tcp source eq smtp
object network obj-192.168.41.10
 host 192.168.41.10
object service IMAPS
 service tcp source eq 993
object service POP3
 service tcp source eq pop3
object service IMAP4
 service tcp source eq imap4
object service POP3S
 service tcp source eq 995
object service obj-https
 service tcp source eq https
object network NETWORK_OBJ_10.10.10.0_28
 subnet 10.10.10.0 255.255.255.240
object network inside-network
 subnet 192.168.41.0 255.255.255.0
object network vpn-pool-network
 subnet 10.10.10.0 255.255.255.240
access-list encryptACL extended permit ip 192.168.41.0 255.255.255.0 192.168.42.0 255.255.255.0
access-list Outside_access_in extended permit tcp any host 192.168.41.10 eq https
access-list Outside_access_in extended permit ip any host 192.168.41.10
access-list Outside_access_in extended permit tcp any host 192.168.41.5 eq smtp
access-list split standard permit 192.168.41.0 255.255.255.0
pager lines 24
logging enable
logging buffer-size 1048576
logging buffered debugging
logging asdm informational
mtu Outside 1500
mtu Inside 1500
mtu management 1500
ip local pool vpn 192.168.40.6-192.168.41.10 mask 255.255.255.0
ip local pool BradScott 192.168.41.230-192.168.41.235 mask 255.255.255.0
ip local pool VPNPool 10.10.10.5-10.10.10.10 mask 255.255.255.0
ip local pool vpn-pool 10.10.10.11-10.10.10.14 mask 255.255.255.240
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
nat (Inside,Outside) source static obj-192.168.41.10 interface service obj-https obj-https
nat (Inside,Outside) source static obj-192.168.41.10 interface service POP3S POP3S
nat (Inside,Outside) source static obj-192.168.41.10 interface service POP3 POP3
nat (Inside,Outside) source static obj-192.168.41.10 interface service IMAP4 IMAP4
nat (Inside,Outside) source static obj-192.168.41.10 interface service IMAPS IMAPS
nat (Inside,Outside) source static obj-192.168.41.5 interface service SMTP SMTP
nat (Inside,Outside) source static vpnsourcesubnets vpnsourcesubnets destination static vpndestinations vpndestinations no-proxy-arp route-lookup
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_192.168.41.224_28 NETWORK_OBJ_192.168.41.224_28 no-proxy-arp route-lookup
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_192.168.40.0_23 NETWORK_OBJ_192.168.40.0_23 no-proxy-arp route-lookup
nat (Outside,Outside) source dynamic NETWORK_OBJ_192.168.40.0_23 interface
nat (Inside,Outside) source static any any destination static NETWORK_OBJ_10.10.10.0_28 NETWORK_OBJ_10.10.10.0_28 no-proxy-arp route-lookup
nat (Inside,Outside) source static inside-network inside-network destination static vpn-pool-network vpn-pool-network
!
nat (Inside,Outside) after-auto source dynamic any interface
access-group Outside_access_in in interface Outside
route Outside 0.0.0.0 0.0.0.0 24.213.24.45 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
crypto map emap 20 match address encryptACL
crypto map emap 20 set peer 71.13.110.26
crypto map emap 20 set ikev1 transform-set VPNset
crypto map emap 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map emap interface Outside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 fqdn settlers.com
 subject-name CN=SETFW.sfcu.local,O=Settlers Federal Credit Union,C=US
 crl configure
crypto ikev1 enable Outside
crypto ikev1 policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 1800
telnet 0.0.0.0 0.0.0.0 Inside
telnet timeout 5
ssh timeout 5
console timeout 0
management-access Inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
 anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
 anyconnect enable
group-policy BradScott internal
group-policy BradScott attributes
 wins-server value 192.168.41.10
 dns-server value 192.168.41.10
 vpn-tunnel-protocol ikev1 ikev2 ssl-client
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split
 default-domain value sfcu.local
group-policy Bradford internal
group-policy Bradford attributes
 dns-server value 24.213.60.93 8.8.8.8
 vpn-tunnel-protocol ikev1
 default-domain value sfcu.local
group-policy BradScottVPN internal
group-policy BradScottVPN attributes
 dns-server value 24.213.60.93 8.8.8.8
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split
 default-domain value sfcu.local
 address-pools value vpn-pool
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 dns-server value 192.168.41.10
 vpn-tunnel-protocol l2tp-ipsec
 default-domain value sfcu.local
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
group-policy Bluewater internal
group-policy Bluewater attributes
 dns-server value 208.67.222.222 8.8.8.8
 vpn-tunnel-protocol ikev1
 default-domain value sfcu.local
username Bradford2 password OwXhtJaJ5GjHsr2z encrypted privilege 15
username Bradford2 attributes
 vpn-group-policy BradScottVPN
username bradscott password hu7kXAHXA8wbGi1Bt5DBIw== nt-encrypted privilege 0
username bradscott attributes
 vpn-group-policy DefaultRAGroup
username bsset password tOqCpC5z7Y58/NZ9 encrypted privilege 15
username 906admin password JzgQej1vXGNhZy5G encrypted
username 906tech password FFdr21Do.ETFHxn3 encrypted privilege 15
username cisco password ffIRPGpDSOJh9YLq encrypted privilege 15
tunnel-group DefaultRAGroup general-attributes
 address-pool vpn
 default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v2
tunnel-group 71.13.110.26 type ipsec-l2l
tunnel-group 71.13.110.26 ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group BradScott type remote-access
tunnel-group BradScott general-attributes
 address-pool BradScott
 default-group-policy BradScott
tunnel-group BradScott webvpn-attributes
 group-alias BradScott enable
tunnel-group BradScott ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group BradScottVPN type remote-access
tunnel-group BradScottVPN general-attributes
 address-pool vpn-pool
 default-group-policy BradScottVPN
tunnel-group BradScottVPN ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group Bradford type remote-access
tunnel-group Bradford general-attributes
 address-pool VPNPool
 default-group-policy Bradford
tunnel-group Bradford ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group Bluewater type remote-access
tunnel-group Bluewater general-attributes
 address-pool VPNPool
 default-group-policy Bluewater
tunnel-group Bluewater ipsec-attributes
 ikev1 pre-shared-key *****
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect icmp
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:47e67548945c74debd18b973fb9a0d77
: end
0
davidgeeeeAuthor Commented:
Also, I don't get prompted for a username and password.
0
HalldorGCommented:
aaa configuration missing?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
davidgeeeeAuthor Commented:
User accounts are setup.  If I change the transport method in the VPN Client to TCP, I then get a username and password pop-up.  After entering username and password, I see "Securing Communication Channels..."  Then say Not Connected.  Must be close!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.