Hi,
I want to create a remote access VPN connection for a partner to our company IT resources. I have a failover system PIX 515E with 6.3(5) OS. PIX outside interface has RFC 1918 IP Address and is connected to a router witch in turn is connected to our ISP through Leased Line. PIX have also an available DMZ interface with RFC1918 IP address configured.
1. Can I configure IKE with ISAKMP enable on this DMZ interface to terminate the VPN remote connections? If no why? I have available public IP Address for static NAT with either outside or DMZ interface.
2. How can I control the traffic from the remote users to my internal network in PIX firewall? Can I use a kind of Access list somewhere?
3. What version of VPN software client I can use with Version 6.3(5) OS?
4. Can I preconfigured in any way the VPN software client with specific settings and give it to our customer locked and ready to use it?
5. Finally can I force the VPN software client to not allow concurrent internet access and VPN traffic from remote PC with this OS version?
Thanks in advance!