cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
436
Views
0
Helpful
3
Replies

How to configure a PIX 515E for VPN based RAS

luke.cassar
Level 1
Level 1

Hi all,

we have a PIX 515E with an unrestricted license that we would like to use as a VPN server for remote clients.

The LAN is made of NT/2000 based machines, and remote clients will mostly be 2000/XP machines for individual users.

I have had a look on the Cisco website but cant find anything that is comprehensive enough (possibly explaining how to do this using the PDM??).

If someone could supply me with a link to a guide for doing this it would be fantastic.

Thanks in advance for your assistance.

Regards,

Luke Cassar

3 Replies 3

jmia
Level 7
Level 7

Luke,

There is no support for Xauth using the local database on the PIX. But you can do this with an IOS router.

With PIX you need to use an external RADIUS server, I've used the IAS supplied with Win2K server for this it’s straight forward to set up. It’s at this URL

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml

And also read the following URL on how to configure Cisco vpn clients with PIX

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009442e.shtml

On using the PDM, if you are not comfortable using CLI on the PIX then, yes try with PDM but from experience I've had issues with configuring from PDM. You should find the relevant information on how to setup via PDM from the accompanying CD that was supplied with your PIX.

I do have documents on PDM but not to hand at the moment, when I locate them I'll post here for you.

Let me know how you get on.

Jay

Luke,

Here's the PDM guide (PDF File) :

http://www.cisco.com/application/pdf/en/us/guest/products/ps2032/c1626/ccmigration_09186a0080278a7e.pdf

Let me know how you get on, good luck..

Jay

Hi Jay,

thank you very much for your help and for providing the links to the above articles.

We are actually running a CSACS server (its running, but hasn't been tested yet) so I am assuming this will do the task, or if not, we will use the RADIUS functionality within WIN2K.

I will read through these links and let you know if any difficulties arise.

Again, thank you very much for your help.

Regards,

Luke