See inline below. ""Richard Campbell"" wrote in message news:[EMAIL PROTECTED] > Hi.. Group, I just successfully connect to home VPN client 3.X to my > VPN 3000 concentrator in my HQ in NY, but now I want to use it to connect > to my PIX 515 in my local branch as well. May I know > > 1)Whether I can use the same VPN client (which connect to VPN3000 conc) > to connect to my PIX 515 ? > Yes, you should.
> 2)What is the difference between connecting VPN3000 and PIX515, if we > can connect to PIX515, why should HQ buy VPN3000 just for home users > to connect? What is the maximum connection to VPN3000 and PIX 515 > The VPN concentrator (VPN3000) can handle many more VPN tunnels then the PIX 515. Check the specs on Cisco's website. The processor on the PIX 515 can only handle so many connections. > 3) I tried to add a few command in my PIX515 in order to make my VPN > client to connect to my PIX515, but it fail to connect. Error Msg > and addition config below. May I know any other additional config needed? > > Failed to establish a secure connection to the security gateway. > > ip local pool REMOTEIPPOOLS 192.168.1.241-192.168.1.250 > > vpngroup VPNCLIENTS address-pool REMOTEIPPOOLS > vpngroup VPNCLIENTS dns-server 192.168.1.201 > vpngroup VPNCLIENTS wins-server 192.168.1.201 > vpngroup VPNCLIENTS default-domain xyx.com > vpngroup VPNCLIENTS idle-time 1800 > vpngroup SGVPNCLIENTS password ******** > That looks okay, but do not forget about the ISAKMP stuff. (I see some below) > 4)I was told that isakmp policy for VPN client 3.X need to be dh group 2? > Is it a must? > > isakmp policy 10 authentication pre-share > isakmp policy 10 encryption des > isakmp policy 10 hash sha > isakmp policy 10 group 1 > isakmp policy 10 lifetime 86400 > Do not forget to apply the isakmp to the correct interface. I think there is also a system command you need. > _________________________________________________________________ > STOP MORE SPAM with the new MSN 8 and get 2 months FREE* > http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=69941&t=69932 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
