Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
350
Views
0
Helpful
2
Replies

PIX 515 - Site to Site with agressive mode

edy-rojas
Level 1
Level 1

‎06-03-2003 11:19 AM - edited ‎02-20-2020 10:46 PM

Hi all,

I need to config a tunnel with a costumer that has an ADSL connection that changes your IP address every time he connects on internet.

How can I config the PIX Side ?? On the other side that is an SonicWall appliance.

0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎06-03-2003 05:58 PM

You'll need a dynamic crypto map on the PIX, just like if you had VPN clients connecting in. In this scenario the SonicWall will always have to initiate the tunnel, the PIX can't be the initiator cause it doesn't know the remote IP address to send the packets to.

Sample config is here:

http://www.cisco.com/warp/public/707/29.html

A couple of modifications to teh above sample config though.

- Don't use the "sysopt ipsec pl-compatible" command, just leave it out.

- The access-list 103 will define traffic FROM the PIX inside subnet TO the SonicWall's inside subnet.

0 Helpful

edy-rojas
Level 1
Level 1
In response to gfullage

‎06-04-2003 03:33 AM

Thanks,

I´ll try this config, but I think this solve my problem.

Edy.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card