02-02-2006 10:02 PM - edited 02-21-2020 02:14 PM
I have a new PIX 501. I believe it is running Version 6.3(4). I have downloaded the latest Cisco VPN Client. I believe it is 4.8.00***. I want to create a VPN tunnel to the the PIX 501 using the Cisco VPN Client to connect. I just want to be able to connect to my office from my house. There is no other device at the office other than the PIX 501 and nothing to block any traffic from my house that I know about.
Can somebody tell me how to configure the PIX and the Client software?
Nothing fancy, I just want it to work. I would like to just use the PDM VPN section to create the necessary configuration if possible.
Thanks,
Jeff
Solved! Go to Solution.
02-03-2006 01:51 AM
Hello,
it will be worth to look at the explanations and configurations given in: "Configuring IPSec Between Two PIXes With VPN Client 4.x Access"
Just skip the commented configuration part for PIX-to-PIX communication and you will get what you want. Another document which can help you is: "How to Configure the Cisco VPN Client to PIX with AES" found at
This should be pretty much all you need to setup your network to your requirements.
Hope this helps! Please rate all posts.
Regards, Martin
02-03-2006 01:51 AM
Hello,
it will be worth to look at the explanations and configurations given in: "Configuring IPSec Between Two PIXes With VPN Client 4.x Access"
Just skip the commented configuration part for PIX-to-PIX communication and you will get what you want. Another document which can help you is: "How to Configure the Cisco VPN Client to PIX with AES" found at
This should be pretty much all you need to setup your network to your requirements.
Hope this helps! Please rate all posts.
Regards, Martin
02-10-2006 01:26 PM
Thanks for your input. I was able to get the VPN working.
02-03-2006 03:59 PM
below are the sample codes for configuring remote vpn access on a pix:
access-list 101 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list 120 permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
nat (inside) 0 access-list 101
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp identity address
isakmp nat-traversal 20
crypto ipsec transform-set vpnset esp-3des esp-md5-hmac
ip local pool ippool 10.1.1.11-10.1.1.21
vpngroup vpnclient address-pool ippool
vpngroup vpnclient idle-time 1800
vpngroup vpnclient dns-server 139.130.4.4
vpngroup vpnclient password cisco456
vpngroup vpnclient split-tunnel 120
crypto dynamic-map dynmap 10 set transform-set vpnset
crypto map remote_vpn 20 ipsec-isakmp dynamic dynmap
username cisco password cisco123
aaa-server LOCAL protocol local
crypto map remote_vpn client authentication LOCAL
crypto map remote_vpn client configuration address initiate
crypto map remote_vpn client configuration address respond
regarding the vpn client, just simply install it by following the instruction on screen. click "new":
"connection entry" a name for your reference
"host" public ip of the pix 501
"name" vpnclient
"password" cisco456
to initiate a tunnel, double click the entry you just created. it will then prompt you for individual username and password (it's cisco and cisco123).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: