Remote Access VPN creation in PIX 515E Version 6.3(5)
I want to create a remote access VPN connection for a partner to our company IT resources. I have a failover system PIX 515E with 6.3(5) OS. PIX outside interface has RFC 1918 IP Address and is connected to a router witch in turn is connected to our ISP through Leased Line. PIX have also an available DMZ interface with RFC1918 IP address configured.
1. Can I configure IKE with ISAKMP enable on this DMZ interface to terminate the VPN remote connections? If no why? I have available public IP Address for static NAT with either outside or DMZ interface.
2. How can I control the traffic from the remote users to my internal network in PIX firewall? Can I use a kind of Access list somewhere?
3. What version of VPN software client I can use with Version 6.3(5) OS?
4. Can I preconfigured in any way the VPN software client with specific settings and give it to our customer locked and ready to use it?
5. Finally can I force the VPN software client to not allow concurrent internet access and VPN traffic from remote PC with this OS version?
We are excited to announce the opening of the ISE Beta community for the Cisco Identity Services Engine (ISE) 2.5 Beta for everyone that is a member of the Cisco Customer Connection Program (CCP)! The ISE 2.5 Beta is scheduled to run from Se...
ISE 2.2 Patch 10 has been released at ISE 2.2.0 Software Download since 2018-Sep-18, with the filename ise-patchbundle-220.127.116.110-Patch10-18091119.SPA.x86_64.tar.gz.
For more info, please read Resolved Issues in Cisco ISE Version 18.104.22.1680—Cumulative ...
ISE 2.3 Patch 5 has been released at ISE 2.3.0 Software Download since 2018-Sep-17, with the filename ise-patchbundle-22.214.171.1248-Patch5-18082702.SPA.x86_64.tar.gz.
For more info, please read Resolved Caveats in Cisco ISE Version 126.96.36.1998—Cumulative P...
I recently ran into an issue on ISE 2.3 Patch 5 when trying to modify a Hotspot Guest Portal that had been created in the ISE Portal Builder.
The support people with the ISEPB team gave me the answer, so I thought I'd save someone a...
The Security team is pleased to announce the Cisco Firepower Threat Defense 6.2.3 Attack Lab v1.2, available in all datacenters.
The lab is aimed at technical decision makers, security engineers and CSOs with an interest in security technology. Th...