I have two locations that I need to connect using two pix firewalls. One location has a PIX515E [7.0(1)] and the other one has a PIX506E [6.3(5)]. I followed the Cisco examples to create a tunnel between the two sites but I'm unable to establish a tunnel.
Here are the the configurations. I replaced the external IP addresses with 192.168.0.120 and 192.168.1.117 (outside interfaces):
I realize that this will only work until the dynamically assigned public IPs change but that's ok for now. Perhaps someone can show me how to implement a permanent solution using hostnames instead of IP addresses. I can have dynamically updated hostnames using DynDNS.
Also, I need users to be able to use the Cisco VPN client to connect to the 515 site. They don't need to have access to the 506 site once they're connected.
Thanks, but I'm running version 7.0 (totally different ballgame) and 6.3 on the other. As I already mentioned I already followed the Spoke-to-Spoke example almost literally - I just replaced the IP addresses with mine and added dhcpd configuration on the 6.3 side. It's not working. The only other difference that I can think of is that my external addresses are assigned dynamically.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...