Re: vpn behind dsl router

carl_townshend · ‎11-23-2006

Hi all can i make a vpn using my home dsl router and a pix 501 firewall behind it, I only have 1 address, can i use port forwarding to the pix 501 for vpn, and how would i do this ?

m.sir · ‎11-23-2006

Yes its possible...

On your ADSL router you need set up port forwarding (from ADSL router to PIX)

You need forward following:

protocol ESP (protocol number 50)

UDP port 500

UDP port 4500

Let say that y.y.y.y is inside IP of you pix , outside interface of your router is f0/0 (with public IP) and inside interface is f0/1

ip nat inside source static esp y.y.y.y interface f 0/0

ip nat inside source static udp y.y.y.y 500 interface f 0/0

ip nat inside source static udp y.y.y.y 4500 interface f 0/0

interface f 0/0

ip nat outside

interface f 0/1

ip nat inside

Now all IPSEC VPN traffic for outside interface of router is forwaded to PIX and you can terminate there your VPNs

M.

Hope that helps rate if it does

carl_townshend · ‎11-24-2006

would you have any info on how to configure the pix for this ? vpn and firewall, I can tfind any docs.

please help

Carl

m.sir · ‎11-25-2006

http://www.cisco.com/warp/public/110/38.html

carl_townshend · ‎11-26-2006

Do you have the link to the configuring the pix for vpn client to connect ?

cheers

Carl