I am trying to set up a multi site VPN using Cisco 857W Routers for DSL connectivity and a PIX-501 at each site. The client will also need Microsoft VPN client access to the PIX at the main site. I am having all sorts of trouble and I think it is due to the 857W stopping the PPTP traffic. Can someone give me some pointers on basically allowing all traffic through the 857W to the PIX. Do I need to create any port forwarding on the 857W to allow traffic through to the PIX? Any help greatly appreciated.
If you plan to use 857s, why don't you configure vpn and firewall on them? It is true to some extent that the 501s tend to be more 'stable' as the software 6.3(5) is very 'mature' But 857s work generally Ok too.
But if you stick with 501 and use 857 just to provide DSL connectivity, make sure there is no firewall running on it and no access-list is blocking the legitimate traffic. It is probably best to assign a public address to the external interface of the pix and do nat on it. (use ip innumbered on the DSL interface)
Thanks for your reply. The client has purchased the PIX 501's so I would like to set them up with these if possible. The 857's are supplied standard from their DSL provider.
I will disable the firewall on the 857's as per your suggestion. Could you please explain further how I might assign their public IP to the outside PIX interface and not the 857? Sorry, I am learning fast but have only been working with Cisco gear a few weeks.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :