09-23-2005 07:58 AM - edited 02-21-2020 01:59 PM
Hi, we have a pix 501 6.3(4), a windows 2000 server. I
want to configure the pix so that when i am out of the
office i can access files(and be connected) on the
server remotely (which sits behind the pix). all the
users to access the server remotely have cisco vpn
client, nortel vpn client, and the usuall windows vpn
client. Where do i start? Links will also be
appreciated.
server ip = 192.168.1.100
pix inside = 192.168.1.1
pix outside = a.b.d.c (public).
Patrick
09-23-2005 08:37 AM
Here is an example:
fixup protocol esp-ike
access-list NONAT permit ip Internalnet ISubnet VPN-Pool 255.255.255.0
access-list DYN-VPN-ACL permit ip Internalnet ISubnet VPN-Pool 255.255.255.0
aaa-server LOCAL protocol local
aaa authentication secure-http-client
sysopt connection permit-ipsec
crypto ipsec transform-set TRANS esp-3des esp-md5-hmac
crypto dynamic-map outside_dyn_map 20 match address DYN-VPN-ACL
crypto dynamic-map outside_dyn_map 20 set transform-set TRANS
crypto map REMOTE 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map REMOTE client authentication LOCAL
crypto map REMOTE interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
ip local pool VPNPool x.y.z.1-x.y.z.254
vpngroup VPNGroup address-pool VPNPool
vpngroup VPNGroup dns-server dns2 dns1
vpngroup VPNGroup default-domain localdomain
vpngroup VPNGroup idle-time 1800
vpngroup VPNGroup password grouppassword
username vpnclient password vpnclient-password
sincerely
Patrick
09-24-2005 09:51 AM
Patrick,
Thanks ma friend
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide