Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN 3005 to various sites

I have a VPN 3005 at central site and different sites connecting via Pix and routers at branch site. They all get Public IP Addresses dynamically. Now they are working since I have configured a Base Group password. But I want to give each site different password. Is this possible.

3 REPLIES
Cisco Employee

Re: VPN 3005 to various sites

If you don't kno the remote sites IP address, then the only way is to define them with the Default Pre-Shared Key defined under the base group parameters as shown here:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800ae459.shtml

You can't unfortunately give each remote site a different password, sorry.

New Member

Re: VPN 3005 to various sites

Thanks for the response. That means Groups can be configured only for VPN 3002 and software clients ?. For PIX and Routers do we need to configure them only either base groups or if we know the IP under LAN-TO-LAN section. What I wanted to do was filter the different sites (dynamic IPs) to be allowed to access only a specific portion of the Lan. Do you think this is possible.

Cisco Employee

Re: VPN 3005 to various sites

Sorry for the delay in responding.

You can set the remote routers and PIX's up as EzVPN clients, so in effect they simulate a 3002/software client. This works much the same way as a L2L tunnel connectivity wise, but will allow you to push parameters to the routers/PIXs based on different concentrator groups.

Do a search for EzVPN or EasyVPN and there'll be a bunch of stuff on it. You'll need 12.2(13)T or higher on the router.

91
Views
5
Helpful
3
Replies
CreatePlease to create content