Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to enable PIX 515E VAC+ Crypto5823 revision 0x1

Hi

I always use software vpns like:

1) ProXPN

2) TrustConnect (Comodo)

3) ThreatSpike Dome

4) Vpnbook

5) Hotspot Shield

etc,etc,etc...

Basically they hide my real IP address assigned by my ISP, and they encrypt my internet connection. They are used for security and privacy.

I want to do exactly the same thing but through HARDWARE (card,chip), not SOFTWARE (openvpn, etc). And without any company, organization, or people keeping logs of the websites I visit.

My question is.

It is possible to do  exactly the same thing but with my PIX 515E VAC+ Crypto5823 revision 0x1?

If it is possible. How can I acomplish this?

Any tips, commands, tutorials, links, guides, books, labs

Recently I was able to configure my public and private ip address and NAT in my PIX, so far so good.

http://www.pcworld.com/article/118525/article.html

But when I go to https://www.dnsleaktest.com/ its still showing my real public ip address. I thought that with NAT enable, my public IP address would be hidden.

So I thought hey maybe the PIX 515E VAC+ Crypto5823 revision 0x1 would do the trick. But I dont know wich are the commands I have to use to enable it and configure it. I dont know if is already encrypting my internet connection. How can I tell if is working and encrypting my internet?

Now in case you guys tell me that is not possible to do that with PIX 515E. It will be possible with a CISCO VPN 3000 Concentrator?

This is my firewall PIX config:

Licensed features for this platform:

Maximum Physical Interfaces : 6

Maximum VLANs               : 25

Inside Hosts                : Unlimited

Failover                    : Active/Active

VPN-DES                     : Enabled

VPN-3DES-AES                : Disabled

Cut-through Proxy           : Enabled

Guards                      : Enabled

URL Filtering               : Enabled

Security Contexts           : 2

GTP/GPRS                    : Disabled

VPN Peers                   : Unlimited

This platform has an Unrestricted (UR) license.

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)

Cisco PIX Security Appliance Software Version 7.2(4)25

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

How to enable PIX 515E VAC+ Crypto5823 revision 0x1

Hi Alex,

     If you are using PIX firewall as a perimeter gateway to internet, then you wont be able to use NAT on PIX to hide Public IP addresses.

As far as the test you conducted to check the IP address through dnsleak.com

you will always get the IP to which you are NATing or PATing your internal machines.

As far as software VPN are considered, In that case a VPN tunnel between the servers at the Proxpn or vpnbook or etc is made and the traffic gets initiated at your end goes encrypted till Proxpn and then is routed to Internet.

Internal Host-----VPN-------ProXPN--------internet.

however if you talk of VPN on PIX firewall its not a solution for such host based issues, it is rather used at a enterprise level or as a business solution.

Internal Host-----PIX------VPN tunnel----------OFFICE SITE-----Internal resources.

what you are looking for is a host based solution, however VPN on PIX provides a different utility all together.

So if your requirement is just to hide your identity, i would suggest you to use a proxy instead of VPN for this . USe any global free Proxy and that would do the trick for you.

Hope it helps

Cheers,

Naveen

Please Rate helpful Posts...

Hope it helps Cheers, Naveen Please Rate Helpful posts.
3 REPLIES
New Member

How to enable PIX 515E VAC+ Crypto5823 revision 0x1

Hi Alex,

     If you are using PIX firewall as a perimeter gateway to internet, then you wont be able to use NAT on PIX to hide Public IP addresses.

As far as the test you conducted to check the IP address through dnsleak.com

you will always get the IP to which you are NATing or PATing your internal machines.

As far as software VPN are considered, In that case a VPN tunnel between the servers at the Proxpn or vpnbook or etc is made and the traffic gets initiated at your end goes encrypted till Proxpn and then is routed to Internet.

Internal Host-----VPN-------ProXPN--------internet.

however if you talk of VPN on PIX firewall its not a solution for such host based issues, it is rather used at a enterprise level or as a business solution.

Internal Host-----PIX------VPN tunnel----------OFFICE SITE-----Internal resources.

what you are looking for is a host based solution, however VPN on PIX provides a different utility all together.

So if your requirement is just to hide your identity, i would suggest you to use a proxy instead of VPN for this . USe any global free Proxy and that would do the trick for you.

Hope it helps

Cheers,

Naveen

Please Rate helpful Posts...

Hope it helps Cheers, Naveen Please Rate Helpful posts.
New Member

How to enable PIX 515E VAC+ Crypto5823 revision 0x1

1) I just saw with wireshark that my internnet connection is not been encrypted when I use my

    PIX 515E VAC+ Crypto5823 revision 0x1

https://ask.wireshark.org/questions/1324/vpn-connection

2) So my PIX 515E VAC+ Crypto5823 revision 0x1, its disabled, does not work, or I need like a license in order to             activate his functionality.

3) Once is connected to the PIX it should start working according to this, I could be wrong:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a0080148723.shtml

Q. What do customers have to change in their cryptographic configurations when they add the Cisco PIX Firewall VAC+ to a Cisco PIX Firewall?

A. No changes are needed. The Cisco PIX Firewall VAC+ begins to function immediately after installation. No special configuration is needed.

So I am kinda confuse on this one. I am going to keep trying.

Silver

How to enable PIX 515E VAC+ Crypto5823 revision 0x1

?????

Explain it, where is the source where do you want to connect and over what protocol.

Value our effort and rate the assistance!

Value our effort and rate the assistance!
244
Views
0
Helpful
3
Replies