03-17-2003 04:20 PM - edited 03-09-2019 02:33 AM
Hi all,
I have a question,
Here is the scenarion
inside------pix--------Internet router-------------DSL router-----PIX 501e---Inside
netrowok(1) netwrok(2)
IP adddress
1. inside network ( 10.x.x.x & 192.168.X.x)
2. Pix inside address- 192.168.16.16
3. Pix outside address- 12.96.38.82
4. internet router inside- 12.96.38.81
5. internet router outside - 12.119.110.22
6. Cayman DSL router( no idea of the ip address, but sure its doing natting)
7. PIX 501e outside - dhcp client - 192.168.1.4
8. pix 501e inside - 10.x.x.x
9. inside netowrks 2 (10.x.x.x and 192.168.x.x)
Can i initiate a tunnel between the 2 pix, if yes my question of concern is what ip address i can give for the ipsec-isakamp peer config on the pix 506. Can i set it to 0.0.0.0 0.0.0.0 ?
I am really confused while configuring the pix 506, becasue i am not sure what ip address my pix501e will get my DSL router(since its a dsl connection). can dynamic crypto map be used ? if i use that will my tunnel come up ?
please advice.
sen
03-17-2003 06:45 PM
Hi,
Configure PIX-501 as the easy vpn client, and pix-506 as the Easy VPN server, but as you have RFC1918(private address) on the PIX-501 outside interface, and your DSL router is doing PAT, you will need to wait till end of this month
for V6.3 OS for PIX, as it supports IPSec/UDP.
If you are DSL router can be configured for NAT(one-to-one) for PIX-501 outside IP address (you will also need an extra IP address from your Caymen DSL side), then you can follow this link to implement it.
http://www.cisco.com/warp/public/110/dynamicpix.html
Thanks,
Afaq
03-17-2003 06:51 PM
Can you please point me some documentation on ezvpn server and client. Because i am not familier with that configuration.
Thanks
senthil
03-18-2003 12:06 AM
Hi,
You can use easy vpn when you have 6.3 sw on the PIXes, or if you configure static NAT on the DSL router.
To configure PIX-501 as Easy vpn client, see following config:
http://www.cisco.com/warp/public/110/pix-ios-easyvpn.html
Easy vpn server configuration(on the other pix) is just like you configure pix to accept vpn remote access configuration.
Thanks
Afaq
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide