PIX 515E - VPN Clients

Unanswered Question
Nov 4th, 2008

Hi,


I have been reading my books etc and then find out the PIX 515E doesn't support webVPN!!! Nice they could have put a header in each chapter.


Anyway what VPN CLient does a PIX 515E v7.2 support ? Any clientless ones ...help ;(


Thanks


Ed

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
edw Tue, 11/04/2008 - 05:40

Hi,


Thanks


Would it work using Cisco 3005 Concentrator in line then to do the SSL webVPN ? Instead of coughing up for a ASA (I only bought the PIX in Aug 06;()


Or if I use remote IPsec - could I force the clients to go through my proxy server ? IE is there a PIX command as part of the policies which allows me to push the http requests thorugh my proxy server ?


Thanks


Ed

ajagadee Tue, 11/04/2008 - 12:09

Ed,


If this is a new purchase, I would strongly recommend that you consider the ASA for the below reasons.


VPN3000 is End of Sale and the last date of support is August 4, 2012.


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/prod_end-of-life_notice0900aecd805cd5a0.html


While, 2012 is still 4 years away, one of the important thing to consider is the Software Support. 4.7 is the latest version on the VPN3000 and from the below URL you can see that the End of Software Maintenance is August 5, 2008. Meaning, if you run into any software caveats, you will most likely not have a code with the fix. With that said, you dont want to be put in a situation where you run into a software bug, no release has a fix and you are forced to go with a different solution or upgrade the platform to an ASA. I hope it makes sense.


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5749/ps2284/prod_end-of-life_notice0900aecd805cd5b2.html


Regards,

Arul


*Pls rate if it helps*

edw Mon, 11/24/2008 - 09:52

Hi,


Thanks - we are a educational charity and a ASA would be great but its another layout and I'm in the middle of a complete server upgrade. Credit crunch and all, I have bought a unit for £160 off eBay this will allow us to test proof of concept to some of our users then mid next year look at the ASA. I only bought the PIX515E about 2 years ago ;((( didn't live very long in Ciscos product line.


Anyway another question now and points to those that answer correctly and consisly!


I now have a PIX 515E and VPN 3005 concentrator. Is it more secure to put it in line or to have them run parrellel (IE both have public facing interfaces). As the VPN is end of software line now ? Only going to be running webVPN from it - other VPN clients are on PIX.


Thanks


Ed

Actions

This Discussion