This config works like a charm on asa 5505 and 5510's: access-list inside_outbound_nat0_acl extended permit ip <sunray-server-ip range> <sunray vpn client ip range>
ip local pool vpnpool <sunray client ip range> nat (inside) 0 access-list inside_outbound_nat0_acl crypto ipsec transform-set ESP-AES-SHA esp-3des esp-sha-hmac crypto dynamic-map outside_dyn_map 10 set transform-set ESP-AES-SHA crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000 crypto dynamic-map outside_dyn_map 10 set reverse-route crypto map outside_map 6500 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp identity address crypto isakmp enable outside crypto isakmp policy 20 authentication pre-share encryption aes hash sha group 2 lifetime 43200 crypto isakmp nat-traversal 20 group-policy vpn internal group-policy vpn attributes dns-server value <dns-server> vpn-tunnel-protocol IPSec default-domain value example.com username <user> password <password> encrypted tunnel-group vpn type ipsec-ra tunnel-group vpn general-attributes address-pool vpnpool tunnel-group vpn ipsec-attributes pre-shared-key <key> Ny Whe wrote: > Hi, > > My Sunray 2FS hangs also at > > PH1 agg I est 28F > > Was there any info towards the resolution of this problem? > > Thanks, > Ny > > > > > ____________________________________________________________________________________ > Be a better friend, newshound, and > know-it-all with Yahoo! Mobile. Try it now. > http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users > _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
