Remote Access VPN creation in PIX 515E Version 6.3(5)
I want to create a remote access VPN connection for a partner to our company IT resources. I have a failover system PIX 515E with 6.3(5) OS. PIX outside interface has RFC 1918 IP Address and is connected to a router witch in turn is connected to our ISP through Leased Line. PIX have also an available DMZ interface with RFC1918 IP address configured.
1. Can I configure IKE with ISAKMP enable on this DMZ interface to terminate the VPN remote connections? If no why? I have available public IP Address for static NAT with either outside or DMZ interface.
2. How can I control the traffic from the remote users to my internal network in PIX firewall? Can I use a kind of Access list somewhere?
3. What version of VPN software client I can use with Version 6.3(5) OS?
4. Can I preconfigured in any way the VPN software client with specific settings and give it to our customer locked and ready to use it?
5. Finally can I force the VPN software client to not allow concurrent internet access and VPN traffic from remote PC with this OS version?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...