Re: point to point problems

xtech · ‎05-17-2004

Hi,

I have a few questions. First: can I set up a point to point with a linksys etherfast cable/dsl firewall to a PIX 501? It looks like it may work but I would like a little advice on this. Second: How can I establish a point to point between two Pix 501 firewalls with one end changing? They have a version of comcast and cannot get static public IPs. Supposedly the IP will not really change very often, but how does one work around this besides reconfiguring when the IP changes?

Third: I have a user that claims the cisco 4. VPN client really "messes" up his zone alarm. I use a client and zone alarm at home and have not experienced any problems.

Thanks for all the help - Wayner

mostiguy · ‎05-17-2004

1. linkysys - donno. A coworker recently tried using one as a head end for end user connections, but had a brutal time. It might be viable for point to point.

2. It is not a problem to have one end dynamic. Configure the static end to accept wild card connections (from any address), like you would for a pix that terminates end user connections.

3. Cannot help you with zone alarm

xtech · ‎05-18-2004

Hi,

Thanks for the reply. For problem 2, is this something that I can set up in PDM? When I use the VPN wizard -> site to site -> remote site peer -> peer IP address, is this where I can use wild card info? How? Would it be like 199.182.*.* ?

Thanks - Wayner

mostiguy · ‎05-18-2004

I honestly do not know, as I only use the PDM for its monitoring functions.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a0080094680.shtml

is an example config for a static to dynamic pix. In this example, the static pix is also configured to access end user vpn connections.