Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Win 2000 L2TP/IPSec VPN to PIX 501

Can someone direct me to a step-by-step document?

I need to configure a Windows 2000 Pro laptop to use L2TP/IPSec VPN over a dial up connection to a PIX 501 firewall (static IP address). I do not have access to obtain the Cisco VPN Client 3.5.1.

Correct me if I am wrong, but I think I need to use pre-shared keys because I don't have a CA to provide certificates or RSA signatures.

I also need to use dynamic crypto maps because I use the laptop to dial-in to an ISP as DHCP client.

I have read lots of documents and sample configs but can not find one matching my needs!

New Member

Re: Win 2000 L2TP/IPSec VPN to PIX 501

This should help: make sure your PIX is licensed for IPSEC and use the client if you can, it’s much better.

New Member

Re: Win 2000 L2TP/IPSec VPN to PIX 501

Thanks for the link. By the way, I can not find anyone who sells the client with one license (since this is for personal use). All I can find at is a 100, 1000 and unrestricted license. And, it's for the 1.1 client. They don't sell 3.5.1. I don't even have access to the Cisco pricing tool to obtain part numbers because I am not a Cisco partner. So, do you know how I can obtain the client and why is it much better than Windows 2000 L2TP/IPsec?

Cisco Employee

Re: Win 2000 L2TP/IPSec VPN to PIX 501

The Cisco VPN client 3.x is free to download off CCO for use to connect to Cisco devices, as long as you have the necessary persmissions (as per your contract and CCO profile). It is available off:

You need to have your CCO profile enabled for 3DES access.

It is heaps better and easier to configure than the

W2K L2TP/IPSec, and have more features than the native W2K client, such split tunnelling, ipsec thru nat, etc. See sample config for a PIX on:

CreatePlease to create content