11-04-2008
03:52 AM
- last edited on
02-21-2020
11:18 PM
by
cc_security_adm
Hi,
I have been reading my books etc and then find out the PIX 515E doesn't support webVPN!!! Nice they could have put a header in each chapter.
Anyway what VPN CLient does a PIX 515E v7.2 support ? Any clientless ones ...help ;(
Thanks
Ed
11-04-2008 05:34 AM
>> Site-to-Site and Remote Access IPSec VPN Only.
WebVPN is only available on the ASA.
11-04-2008 05:40 AM
Hi,
Thanks
Would it work using Cisco 3005 Concentrator in line then to do the SSL webVPN ? Instead of coughing up for a ASA (I only bought the PIX in Aug 06;()
Or if I use remote IPsec - could I force the clients to go through my proxy server ? IE is there a PIX command as part of the policies which allows me to push the http requests thorugh my proxy server ?
Thanks
Ed
11-04-2008 05:44 AM
I would say VPN Concentrator would be the right choice.
11-04-2008 12:09 PM
Ed,
If this is a new purchase, I would strongly recommend that you consider the ASA for the below reasons.
VPN3000 is End of Sale and the last date of support is August 4, 2012.
While, 2012 is still 4 years away, one of the important thing to consider is the Software Support. 4.7 is the latest version on the VPN3000 and from the below URL you can see that the End of Software Maintenance is August 5, 2008. Meaning, if you run into any software caveats, you will most likely not have a code with the fix. With that said, you dont want to be put in a situation where you run into a software bug, no release has a fix and you are forced to go with a different solution or upgrade the platform to an ASA. I hope it makes sense.
Regards,
Arul
*Pls rate if it helps*
11-24-2008 09:52 AM
Hi,
Thanks - we are a educational charity and a ASA would be great but its another layout and I'm in the middle of a complete server upgrade. Credit crunch and all, I have bought a unit for £160 off eBay this will allow us to test proof of concept to some of our users then mid next year look at the ASA. I only bought the PIX515E about 2 years ago ;((( didn't live very long in Ciscos product line.
Anyway another question now and points to those that answer correctly and consisly!
I now have a PIX 515E and VPN 3005 concentrator. Is it more secure to put it in line or to have them run parrellel (IE both have public facing interfaces). As the VPN is end of software line now ? Only going to be running webVPN from it - other VPN clients are on PIX.
Thanks
Ed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide