12-15-2005 11:46 AM
Right now I have a PIX501 that I can configure to connect to my VPN3005 in network extension mode. This allows a person at home to connect thier computer and IP Hard phone to our network. And Seems to work behind most other firewalls, routers. Is there a Linksys device I can use at people's houses instead of the pix501 to do the same thing?
Thanks
12-21-2005 07:22 AM
Did I say a bad word?
12-21-2005 08:43 AM
Two PIX501 (EZ VPN Clients) behind Linksys devices (with same DHCP pool) disconnect during IKE rekey. In this case, the PIXes keep trying to bring up public-to-public IPSec SA's (tearing down the others). The PIX establishes a new IPSec SA on the new IKE SA. The up and down causes the deletion of the IKE.
http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_0/404bcn3k.htm
12-21-2005 02:25 PM
I'm looking to do either solution as well. I know this is not the place ( I can post a new message) but
I would I goabout configuring the 3005 concentrator for ezvpn in network extension mode. This what I have applied on the pix 501
vpnclient server 6.x.x.x
2.vpnclient mode network-extension-mode
3 . vpnclient nem-st-autoconnect . Specifies to automatically initiate IPSec data tunnels when split tunneling is configured. Note that IPSec data tunnels are automatically initiated and sustained when in network extension mode, except when split tunneling is configured.
4. vpnclient username (your username) password (password)
5. vpnclient vpngroup HARDWARE password xxxxx
6. vpnclient enable
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide