Cisco VPN Client and PIX 501

Answered Question

I have a new PIX 501. I believe it is running Version 6.3(4). I have downloaded the latest Cisco VPN Client. I believe it is 4.8.00***. I want to create a VPN tunnel to the the PIX 501 using the Cisco VPN Client to connect. I just want to be able to connect to my office from my house. There is no other device at the office other than the PIX 501 and nothing to block any traffic from my house that I know about.


Can somebody tell me how to configure the PIX and the Client software?


Nothing fancy, I just want it to work. I would like to just use the PDM VPN section to create the necessary configuration if possible.


Thanks,


Jeff

Correct Answer by mheusinger about 11 years 6 months ago

Hello,


it will be worth to look at the explanations and configurations given in: "Configuring IPSec Between Two PIXes With VPN Client 4.x Access"


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800948b8.shtml


Just skip the commented configuration part for PIX-to-PIX communication and you will get what you want. Another document which can help you is: "How to Configure the Cisco VPN Client to PIX with AES" found at

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml


This should be pretty much all you need to setup your network to your requirements.


Hope this helps! Please rate all posts.


Regards, Martin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
mheusinger Fri, 02/03/2006 - 01:51
User Badges:
  • Green, 3000 points or more

Hello,


it will be worth to look at the explanations and configurations given in: "Configuring IPSec Between Two PIXes With VPN Client 4.x Access"


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800948b8.shtml


Just skip the commented configuration part for PIX-to-PIX communication and you will get what you want. Another document which can help you is: "How to Configure the Cisco VPN Client to PIX with AES" found at

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml


This should be pretty much all you need to setup your network to your requirements.


Hope this helps! Please rate all posts.


Regards, Martin

jackko Fri, 02/03/2006 - 15:59
User Badges:
  • Gold, 750 points or more

below are the sample codes for configuring remote vpn access on a pix:


access-list 101 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0

access-list 120 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0


nat (inside) 0 access-list 101


isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400


isakmp identity address

isakmp nat-traversal 20


crypto ipsec transform-set vpnset esp-3des esp-md5-hmac


ip local pool ippool 10.1.1.11-10.1.1.21


vpngroup vpnclient address-pool ippool

vpngroup vpnclient idle-time 1800

vpngroup vpnclient dns-server 139.130.4.4

vpngroup vpnclient password cisco456

vpngroup vpnclient split-tunnel 120


crypto dynamic-map dynmap 10 set transform-set vpnset

crypto map remote_vpn 20 ipsec-isakmp dynamic dynmap


username cisco password cisco123


aaa-server LOCAL protocol local

crypto map remote_vpn client authentication LOCAL

crypto map remote_vpn client configuration address initiate

crypto map remote_vpn client configuration address respond



regarding the vpn client, just simply install it by following the instruction on screen. click "new":


"connection entry" a name for your reference

"host" public ip of the pix 501

"name" vpnclient

"password" cisco456



to initiate a tunnel, double click the entry you just created. it will then prompt you for individual username and password (it's cisco and cisco123).

Actions

This Discussion