Re: VPN Hardware Client

r-lemaster · ‎02-01-2005

What's the point of using the Cisco hardware VPN client when the PIX does everything the hardware client does PLUS firewall/IDS?

travis-dennis_2 · ‎02-01-2005

I don't know if "everything" is an accurate statement but the biggest reason for me is the off-loading of processing instead of loading up one device. I always prefer to have dedicated devices..at least unitl Cisco introduced the 3800 series. Those units are pretty sweet. You can load them up with modules and having it do routing, firewalling and VPN and not break a sweat. First time any device could make that claim..and live up to it.

If memory serves there are some other neat things that a 3002 can do that a PIX can't(yet). True the gap is closing, perhaps there are some PIX/VPN gurus out there that can get a little more granular on the differences

Hope this helps.

Please remeber to rate all replies

bcturner · ‎02-05-2005

I've run into a situation where I wish I had a 3002 instead of a Pix501. We had 4 VP's who needed access via VPN from a Hotel network. They also wanted to use their Cisco IP phones. In order to set up a S2S VPN from the Pix we needed a routable IP assigned. The Hotel could not accomidate us so I tried to set up a dynamic map from the Pix using a 192.168.X.X address assigned by the Hotel. Needless to say, this did not work. Cisco TAC advised I would need a 3002 in order to make this work.