Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
364
Views
0
Helpful
2
Replies

Replacing a router with a PIX for internet access

jrogalski
Level 1
Level 1

‎05-12-2003 06:59 AM - edited ‎02-20-2020 10:44 PM

Hello,

we are currently connecting our main and remote offices together with a mix of Cisco routers (3540, 2600s, 1720s) using IPSec tunnels and access-lists on the serial interfaces to only allow the serial IPs of the other routers in (the encapsulated private LAN traffic). Now, we would like to setup a proxy/firewall for internet access and setup remote access for remote PC users. Could a PIX 500 series device be used to replace a 3640 at our main site (or at least move the internet T1 to the PIX and setup all of the tunnels on this device then pass traffic to the router)? I think this may be fine for the firewall part...but can the PIX handle remote VPN Windows clients like a concentrator or would it be better to use a VPN concentrator for this part? Any suggestions or pointers would be greatly appreciated.

Thanks,

John.

0 Helpful
2 Replies 2

jfrahim
Level 5
Level 5

‎05-12-2003 07:31 AM

John,

PIX can be used to terminate the client tunnels as well. However, a VPN3000 concentrator has more features.

If you do with th ePIX implementation. The following link would help:

http://www.cisco.com/warp/public/110/cvpn3k_pix_ias.html

Jazib

0 Helpful

mostiguy
Level 6
Level 6

‎05-12-2003 07:37 AM

PIXen only have ethernet interfaces, so that might be a problem

PIXen support pass thru auth for proxies,etc. You should be able to make most setups work.

The PIX can handle the software vpn clients similarly to a concentrator. Generally the PIX plays catch up to the concentrators for features, but it should work.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card