Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
671
Views
5
Helpful
2
Replies

Cisco PIX 506 endpoint

Go to solution
jeffreyduclos
Level 1
Level 1

‎10-27-2004 12:33 PM - edited ‎02-20-2020 11:42 PM

Will the Cisco PIX 506 6.3(3) function as an endpoint? How do I configure it?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sachinraja
Level 9
Level 9

‎10-28-2004 01:57 AM

Do you mean IPSEC endpoint. if so, yes.. You can configure the following:

No nat:

nat (inside) 0 access-list 100

access-list 100 permit ip host 192.168.180.1 10.1.1.0 255.255.255.0

ip local pool vpnpool 10.1.1.1-10.1.1.254

Crypto map configuration:

sysopt connection permit-ipsec

crypto ipsec transform-set myset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10 set transform-set myset

crypto map mymap 10 ipsec-isakmp dynamic dynmap

crypto map mymap client configuration address initiate

crypto map mymap client configuration address respond

crypto map mymap client authentication LOCAL

crypto map mymap interface outside

isakmp enable outside

isakmp identity address

Policy configuration:

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

VPN group configuration:

vpngroup abcvpn address-pool vpnpool

vpngroup abcvpn split-tunnel 100

vpngroup abcvpn idle-time 1800

vpngroup abcvpn password ********

username cisco password cisco

View solution in original post

2 Replies 2

Go to solution
sachinraja
Level 9
Level 9

‎10-28-2004 01:57 AM

Do you mean IPSEC endpoint. if so, yes.. You can configure the following:

No nat:

nat (inside) 0 access-list 100

access-list 100 permit ip host 192.168.180.1 10.1.1.0 255.255.255.0

ip local pool vpnpool 10.1.1.1-10.1.1.254

Crypto map configuration:

sysopt connection permit-ipsec

crypto ipsec transform-set myset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10 set transform-set myset

crypto map mymap 10 ipsec-isakmp dynamic dynmap

crypto map mymap client configuration address initiate

crypto map mymap client configuration address respond

crypto map mymap client authentication LOCAL

crypto map mymap interface outside

isakmp enable outside

isakmp identity address

Policy configuration:

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

VPN group configuration:

vpngroup abcvpn address-pool vpnpool

vpngroup abcvpn split-tunnel 100

vpngroup abcvpn idle-time 1800

vpngroup abcvpn password ********

username cisco password cisco

Go to solution
jeffreyduclos
Level 1
Level 1
In response to sachinraja

‎10-28-2004 07:21 AM

Thank you for the response.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card