Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN on PIX 501

OK experts...I now have my PIX 501 working with a single IP address using PAT. POS version is 6.1 and I want to now allow internet users to access the server behind the firewall using a VPN client.


1. Users have W2K and XP Pro client based PCs...what client s/w should be used?

2. How do I configure the 501 to allow secure VPN connections to the server?

TIA, Phil

Cisco Employee

Re: VPN on PIX 501

You have a few choices for client SW.

- You can use the Cisco VPN Client, but you'll have to purchase licenses for this for every PC that is using it (it comes free with a VPN3000 concentrator, but not with the PIX). If you go this route, configure the PIX using this:

- If you don't want the hassle of loading additional SW on the users PC, then you can use the inbuilt Dial-Up Networking of Windows and use PPTP to connect, see the following for details:

- Your third option is to use L2TP/IPSec which is also inbuilt in Win2K/XP, but this requires the use of certificates which means a separate certificate server, a pain if you just want a few users coming in. The configuration of the PC is not overly simple either, PPTP is a much easier option. You can read about this here:

New Member

Re: VPN on PIX 501

Thanks for the fast response....was hoping to hear of a straight forward solution for just a few users. Maybe I should consider a 4th option of PCanywhere...will that work thru a PIX?


New Member

Re: VPN on PIX 501

this would work but surely you want to encyrpt the data?


Re: VPN on PIX 501

Why would you want users to be able to log on locally to your server? Or do you want to install pc anywhere on everyone's desktops?

New Member

Re: VPN on PIX 501

Actually only will let authenticated users gain access via the the internet to shares that hold business related information. I see that SBServer 2003 has now some remote services built into it. I've ordered the demo to see if can solve the problem.

I also sent email to Cisco sales asking about the cost and availability of their desktop response.

CreatePlease login to create content