08-23-2006 01:05 AM - edited 02-21-2020 02:35 PM
Hello,
I am going to configure a Cisco Cat 6500 VPNSM to connect to an office in another country. On the remote office side the connection is: internet GW router - Check Point - LAN. My question is:
- Can we use the Cisco VPN Client on the remote side? If not, can the Check Point be used as a peer?
08-23-2006 09:05 PM
Hello,
Option 1
VPN Client - Yes, you can use the VPN Client from the remote office and terminate the IPSEC connection on the VPNSM.
Things that need to be considered are:
1. How many users are there at the remote site?
2. Is the connection always going to be initiated from the remote site?
3. What about managing the VPN Clients on the remote users' laptops/desktops?
4. Are you going to do external authentication for the users? If so, are you using RADIUS or TACACS+?
VPNSM Configuration Guide
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/cfgnotes/78_14459.htm#wp1281742
Option 2:
IPSEC LAN-to-LAN Connection - Yes, you could do a LAN-to-LAN connection, and this should be pretty straightforward.
Things that need to be considered are:
1. Is the remote site LAN IP address range the same as yours?
2. Are you going to use a pre-shared key or certificates?
3. What about routing of the remote IP range in your routing domain?
Sample Configurations:
IPSec LAN-to-LAN Tunnel Between a Catalyst 6500 with the VPN Service Module and a PIX Firewall Configuration Example
Configuring an IPSec Tunnel - Cisco Secure PIX Firewall to Checkpoint 4.1 Firewall
I hope the above info helps.
Regards,
Arul
08-24-2006 12:04 AM
Thanks Arul,
To give you some idea of the connection:
- The Cisco VPN Client is going to be used on the remote side
- There will be about 5 users on the remote side
- The connection is going to be initiated from the remote side
- I would like to manage the VPN clients from the server (VPNSM) side
- I am going to use local authentication for the users
With these requirements, please give me a configuration example.
Regards,
Mulugeta
09-09-2006 07:21 AM
Hello Arul,
I have configured the VPNSM (with dynamic client mapping), but when I configure the crypto map entry on the inside VLAN interface, i.e.,
crypto map rtpdyn
it gives me the error
ERROR:Crypto Map with tag "rtpdyn" does not exist
But I have configured the crypto map rtpdyn and I can see it in sh run. What do you think is the problem?