Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

setting up remote access vpn authentication on 501

I want to setup a 501 pix so remote users cannot connect to it using the Cisco VPN client, however, I do not have a Radius or TACACS server. how do I set up the pix so that I can define local accounts the users can connect with, and is it possible for the pix to forward to an active directory for authentication if I didn't go with local auth? If it can't be done with the Cisco VPN client, can either type of authentication (local or AD) be done using PPTP on a windows machine so that they didn't need to load the VPN client?

Lastly, can site to site vpn tunnels be implemented on the same pix if its also serving remote access tunnels? I've heard the limit is 10 on the pix, but I don't know if thats a total for both remote access and site to site? anyone know this?

1 REPLY

Re: setting up remote access vpn authentication on 501

Here are answers to some of your queries.

set up the pix so that I can define local accounts the users can connect with

>> yes this is possible, check this link for such config

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008060f25c.shtml

PIX with Active directory authentication

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml

L2Tp to PIX/ASA with local authentication

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml

can site to site vpn tunnels be implemented on the same pix if its also serving remote access tunnels

>> YES, something like this

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080912cfd.shtml

97
Views
0
Helpful
1
Replies