08-24-2005 03:20 AM - edited 03-10-2019 02:16 PM
Hi everyone,
This is my first posting on here, so please be gentle!
ACS v3.3
PIX 515E - PIX OS 6.3(5)
We use the ACS to Authenticate & Authorise user connecting in three ways:
1) VPN over the internet to a Concentrator 3000
2) Dialin using PSTN or ISDN to two 3600Series Routers
3) IPSec VPN to a PIX515E
In cases 1 & 2 above, the ACS provides the client with an IP address either from the group pool, or a static (Depending upon the user setup)
However, we cannot figure out how to get the PIX to do this, we've been hunting cisco.com and googleing this problem for about 3 days solid and can find nothing.
I have attached the PIX's config.
Any help would be greatly apreciated.
Many Thanks,
Nick,
Data Networking Team
NHS Wales (UK)
09-01-2005 05:21 AM
PIX supports only local ip pool, hence scenario 3 will not work.
09-04-2005 11:51 PM
Ahh, that is bad news..
Is this just with PIX OS 6?
does that same apply to PIX OS 7?
Many thanks for your reply.
Nick
09-06-2005 07:28 AM
Hi Nick
For PIX OS 7 you can use a AAA server to assign addresses for VPN remote access clients.
Search on the cisco.com this manual
Cisco Security Appliance Command Line
Configuration Guide
For the Cisco ASA 5500 Series and Cisco PIX 500 Series
Software Version 7.0
capter 26: Configuring IP Addresses for VPNs
Margherita
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide