I would like to set up hub and spoke VPN connectivity between a small main office and two remote offices using PIX 501s over dsl and cable. The remote offices have two or three devices that would connect to the main office server over an IPSec tunnel. Is there anything else I need besides the PIX 501s and dsl/cable modems ? to provide authentication? Manager(s) would also like to use software to be able to tunnel in from home.
if you want to keep it simple, pix501 with dsl/cable modem would be enough, you can setup vpn by using pre-shared key on pix. unless you want to authenticate with token or digital certificate.
h.o. lan <--> pix501 <--> modem <--> internet <--> modem <--> pix501 <--> remote lan
depends on the business requirement, you may want to setup lan-lan vpn or easy vpn. also depends on whether the reomte office has a static public ip or not. (note that h.o. must have a static public ip for vpn)
for easy vpn, only user from remote office can initiate the tunnel; whereas lan-lan vpn can be initiated from either h.o. or remote office. if remote office hasn't got a static public ip, then easy vpn is the only way.
regarding remote user from home, you can setup dynamic crypto map to allow remote vpn access. cisco vpn client software needs to be installed on home pc. then user will need a group username/password and (optional) individual username/password, both of them are pre-configured on the pix.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...