cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2861
Views
0
Helpful
7
Replies

PIX & 2000 Client

jonathan.meehan
Level 1
Level 1

PIX and VPN Client with ACE Authentication.

Currently works a treat but the customer wants to migrate to 2000.

The VPN client does not currently support Windows 2000. I have heard there will be one available in the new year??

7 Replies 7

bstremp
Level 2
Level 2

I'd try doing a search on the board for this topic. I've seen multiple conversations around Cisco's soon to be released universal client.

jwacaser
Level 1
Level 1

Check out win2k's built in IPSEC or if your heart can bear it, PPTP.

nortonsp
Level 1
Level 1

There should be a new unified vpn client released in the next few months.

Your best bet is pptp until l2tp support is released in pix 5.4(1)

-Steve

Where did you get the information that L2TP will be

supported in 5.4(1)? Is there a projected release

date for 5.4(1)?

On the other hand, I would prefer to have the well

working VPN3000 client running on win2k ... are there

any plans in this direction?

regards

csoechting
Level 4
Level 4

you can get a win2k client from www.ire.com I have it working using ipsec/ike on the pix. Its very similar to the win95/98/nt client.

mtthompson
Level 1
Level 1

The native Windows 2000 VPN client can be configured to work but due to bugs it requires tunnels configured in both directions. This is a problem if you are using dynamic addressing, as the tunnel end point in one direction needs to be configured every time your address changes. The filters also have a bug that prevents the use of the mirror option, and only one filter can be used per rule. This configuration does not seem to work if service pack 1 is applied!!

To configure;

Go to Local security settings.

Create filters for each direction of the tunnel avoiding using the mirror option.

Then create the IP security policy using a different rule for each direction of the tunnel. Specify your client address as the tunnel end point for one rule and the PIX as the tunnel end point for the other rule. Only apply one filter per rule.

grantlewis
Level 1
Level 1

Contact your Cisco account representative if you want to obtain the beta W2K client

Review Cisco Networking for a $25 gift card