No worries. Here is the configuration I typically leverage when I am
doing installations and also provide to folks I work with in my area to
make their installs go efficiently.
Step #1 - The policy, apply from the command line of the controller,
under the config t mode
!
ip access-list session VPN-Clients
user any svc-l2tp permit
user any svc-esp permit
user any svc-ike permit
user any tcp 17 permit
user any udp 51 permit
user any udp 4500 permit
user any tcp 10000 10001 permit
user any udp 10000 10001 permit
user any svc-pptp permit
user any svc-gre permit
!
Step #2 -- Associate the new policy with the guest account as follows
(also from command line)
!
user-role guest
access-list session VPN-Clients
!
Step #3 -- Your users, in the guest role, should now have full VPN
capabilities, regardless of the device or client they are using
(Nortel(R.I.P.) included) :)
JF