09-24-2005 08:30 PM
Dear Expertise
Recently we hava configured vpn tunnel between two locations. Now would like to create a vpn tunnel on third location. What configuration will applies on cisco PIX 501 firewall version 6.3.4.
Please refer thr existing pix config at both location.
Solved! Go to Solution.
09-30-2005 10:11 AM
No its not created yet. i have followed each and every instructions which is provided by you but still the same problem. I strongly believe there must be some more commands to add in all the three locations to work perfectly.
If you feel so please send me the list of others commands.
thanks
10-01-2005 12:19 AM
please post the latest config?
10-01-2005 04:19 AM
Thanks for the reply. I have successfully created vpn tunnel between three locations.Basically i have added the below commands in all the locations.
=====================================================crypto map rtpmap 1 ipsec-isakmp
crypto map rtpmap 1 match address 102
crypto map rtpmap 1 set peer
crypto map rtpmap 1 set transform-set SecuritySet
crypto map rtpmap 1 set security-association lifetime seconds 3600 kilobytes 4608000
=====================================================
I thank you very much jaccko. I LEARN LOT FROM YOU.
The only problem was if you would have asked me to put the above commands in all the location then i would have created the VPN on your third comments.
Hence i learned how to create VPN tunnel between three location and you are the one who teached me how to create.
I alos thanks to NETPRO.
Have a good weekend
10-03-2005 11:31 AM
hello,
does your configuration allows you to initiate vpn from any location to any location?
I ask coz i will be implementing the same.
thanks.
10-03-2005 11:10 PM
the config sample i posted is lan-lan vpn, not ezvpn. so it can be initiated either from the local or remote site.
10-04-2005 04:48 PM
Sorry didnt understand your question.
"the config sample i posted is lan-lan vpn, not ezvpn"
What is ezvpn?
In my question i mentioned vpn tunnel between three location so for me its LAN-LAN-LAN VPN.
10-04-2005 07:15 PM
so far the config in this post is lan-lan vpn.
i post that because "cfajardo1" was wondering whether we are discussing lan-lan vpn or ezvpn.
ezvpn is like a server/client model. the vpn device at the h.o. acts as a vpn server whereas all remote vpn devices act as vpn client. the pros is that ease of configuration.
however, the catch is that h.o. can't initiate the vpn, only reomte sites can.
10-04-2005 04:44 PM
yes
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide