Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
406
Views
5
Helpful
3
Replies

Remote VPN setup through PIX (Please help)

brinker25
Level 1
Level 1

‎10-24-2007 10:24 AM - edited ‎02-21-2020 03:20 PM

I'll try this one more time and try to be as specific as possible. I am an intern at a small consulting firm. Our network is very basic, ADSL modem to PIX 501 to switch. We have a web and FTP server onsite and about 5 client workstations. We need to be able to VPN into the network for a couple of reasons. 1. We need to access SQL server remotely, which is stored on our server. 2. We have an IP telephony system that we would like our remote employees to be able to use. The VPN client we will be using will be CISCO VPN Client version 4 and up. I am a network intern, (the only network guy here) and have a basic knowledge of VPN's and CISCO products. I can somewhat maneuver my way around the IOS. For some reason when I try to access the PDM, it never loads. So here is my cry for help. I would really appreciate some help. If you need me to post config files, please let me know. I have found a lot of documentation on the internet, but because our PIX is already up and running, I don't want to change anything unless I know for sure it won't mess anything up. Thanks in advance for any help you can give.

Andrew

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎10-24-2007 10:43 AM

access-list nonat permit ip any 192.168.50.0 255.255.255.0

ip local pool vpn_pool 192.168.50.1-192.168.50.32

nat (inside) 0 access-list nonat

sysopt connection permit-ipsec

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map dynmap 10 transform-set myset

crypto map mymap ipsec-isakmp dynamic dynmap

crypto map mymap client authentication LOCAL

crypto map mymap interface outside

isakmp enable outside

isakmp identity address

isakmp nat-traversal 20

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakpm policy 10 lifetime 86400

vpngroup address-pool vpn_pool

vpngroup dns-server x.x.x.x

vpngroup password

username password

That should get you pretty close. There are more options not listed and some things you may want to change, groupname, vpn pool addresses etc.

Please rate helpful posts.

brinker25
Level 1
Level 1
In response to acomiskey

‎10-24-2007 11:25 AM

I'll definitley try this. Thank-you very much. One more question: I typed the vpdn command on the ios and it says i have an active session up. The remote mac address belongs to our ADSL modem. Is this normal to have a VPN tunnel from your modem to the PIX?

0 Helpful

acomiskey
Level 10
Level 10
In response to brinker25

‎10-24-2007 11:29 AM

vpdn has nothing to do with your vpn. This is typically used for PPPOE to your isp.

0 Helpful
Customers Also Viewed These Support Documents