
PIX 515 VPN and Windows XP

kencoc
Level 1

Hi, I set up our PIX to accept connections from the Cisco Secure VPN client 1.1, manual IPsec with pre-shared key. Now I have a user who is using XP and is behind a Linksys router. The 1.1 client does not install in XP, and I have read about using L2TP. But can I have both the 1.1 clients and the L2TP? Also, everything I have read about the CA servers is on W2K and we are still using NT 4.0; can a CA server be set up on 4.0?

Thanks for any help.

4 Replies

pdentico
Level 1

You can have the XP client connect with L2TP or with the Cisco unified client. I believe the latest version is 3.5 or so. Yes, you can have clients using the 1.1 client and the 3.5 client and the L2TP, although I've only done it with Win 2K. But I'm sure it works with XP Pro. I don't know about the XP Home edition though.

Good luck

kencoc
Level 1

This is what I have in my current config for the Secure VPN client.

sysopt connection permit-ipsec

sysopt ipsec pl-compatible

no sysopt route dnat

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map cisco 1 set transform-set myset

crypto map dyn-map 20 ipsec-isakmp dynamic cisco

crypto map dyn-map interface outside

isakmp enable outside

isakmp key ******** address 0.0.0.0 netmask 0.0.0.0

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 1

isakmp policy 10 lifetime 1000

Now to add the L2TP, here is what I have come up with. Can anyone tell me if this is correct?

ip local pool l2tp 192.168.1.xxx-192.168.1.xxx

crypto ipsec transform-set l2tp

sysopt connection permit-l2tp

vpdn group l2tpipsec accept dial-in l2tp

vpdn group l2tpipsec ppp authentication chap

vpdn group l2tpipsec ppp authentication ms-chap

vpdn group l2tpipsec client configuration address local l2tp

vpdn group l2tpipsec client configuration dns 192.168.1.xxx

vpdn group l2tpipsec client configuration wins 192.168.1.xxx 192.168.1.xxx

vpdn group l2tpipsec client authentication local

vpdn username user password 12345678

vpdn enable ifname
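A small offline check for the ISAKMP and IPsec lines in the configuration posted above, added here as an example; it is not part of the original thread or of any Cisco tool. The set of values treated as weak (DES, MD5, Diffie-Hellman group 1, a wildcard pre-shared key) is this example's own policy, and the `audit` function name is hypothetical.

```python
import re

# Constructed sample: the ISAKMP/IPsec lines from the post above, unchanged.
SAMPLE = """\
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map cisco 1 set transform-set myset
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 1000
"""

# Values this checker flags (an assumption of the example, not a vendor list).
WEAK_POLICY = {("encryption", "des"): "single DES, 56-bit key",
               ("hash", "md5"): "MD5 hash",
               ("group", "1"): "768-bit Diffie-Hellman group"}
WEAK_TRANSFORMS = {"esp-des": "single DES, 56-bit key",
                   "esp-md5-hmac": "HMAC-MD5 integrity"}

def audit(config):
    """Return (line_number, line, reason) for every flagged config line."""
    findings = []
    for n, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        m = re.match(r"isakmp policy (\d+) (\w+) (\S+)$", line)
        if m:
            reason = WEAK_POLICY.get((m.group(2), m.group(3)))
            if reason:
                findings.append((n, line, f"policy {m.group(1)}: {reason}"))
            continue
        m = re.match(r"crypto ipsec transform-set (\S+)\s+(.+)$", line)
        if m:
            for t in m.group(2).split():
                if t in WEAK_TRANSFORMS:
                    findings.append((n, line, f"transform-set {m.group(1)}: {WEAK_TRANSFORMS[t]}"))
            continue
        m = re.match(r"isakmp key \S+ address (\S+) netmask (\S+)$", line)
        if m and m.groups() == ("0.0.0.0", "0.0.0.0"):
            findings.append((n, line, "wildcard peer: one pre-shared key for any client address"))
    return findings

if __name__ == "__main__":
    for n, line, reason in audit(SAMPLE):
        print(f"line {n}: {line}\n    -> {reason}")
```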

You can have both the VPN client version 1.1 and other versions running at the same time quite easily. I can send you a sample config of ones I have set up if you like?

Trevor.stanley@knowledgeit.co.uk

Senior network engineer

CCNP,CCDA,MSCE

jfrahim
Level 5

Using Cisco IOS 12.2(8)T, you can connect the 3.x based VPN client to a Cisco router. The 3.x client is supported on pretty much all the platforms.

Here is a good link

http://www.cisco.com/warp/customer/471/ios-unity.html

Jazib