setup pix501 vpn

Answered Question
Sep 17th, 2007

I have a pix 501 6.3(5), with these license features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Physical Interfaces: 2

Maximum Interfaces: 2

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: 10

My questions are, how many vpn's can I have, site to site and or remote user vpn's? Lastly, how do I create the remote host vpn's? Should I do this thru the cmd line or web based? Or does anyone know of a link or guide explaining the vpn setup on this model. If anymore info is needed let me know. Thanks in advance.

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 9 years 1 month ago

You can use L2TP over IPSEC from a windows client. Attached is a link to a doc for configuring L2TP over IPSEC between a pix firewall and a w2k pc. It should apply to XP as well.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jon Marshall Mon, 09/17/2007 - 22:59


It means that you can have 10 VPNs and these VPNs can be site-to-site, remote access or a mixture of both but no more than 10.

I don't really use the web based tool as i tend to do all config on CLI. Attached is a link to some example config docs for remote access vpns to pix firewalls.



rhopkins_nci Tue, 09/18/2007 - 05:03

Thanks Jon, I was looking thru some of the guides, are there guides on configuring a remote host without the cisco vpn client, or is it even possible? Can I use the built in xp client? Thanks again.

attrib7575 Thu, 03/20/2008 - 14:53

I dont think it applies to XP as well. I can get a 2000 client to work, but not an XP one


This Discussion