RE: PIX VPN Client Configuration - At my wit's end! [7:74363]
Hi James, First and foremost please make sure that the inside ip address of the pix and the VPN address pool are of different range since there is a BUG associated , i would recommend you to use an entirely different range of address pool. What is the client version you are using? If you are using Cisco VPN client 3.6.x and above then please change the hash type to md5 as Cisco VPN client 3.6.x doesnt support sha . isakmp policy 1 md5 Pls read check this link: http://www.cisco.com/warp/public/707/ipsec_debug.html#inability Just let me know if you have any queries. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74636&t=74363 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 2501 VPN [7:73977]
Hi You can check this link: http://www.cisco.com/warp/public/707/overload_public.html http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Internetworking:IPSec&s=Implementation_and_Configuration#Samples_and_Tips Just let me know if you have any queries. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74638&t=73977 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX VPN Setup [7:74369]
Hi! John, The isakmp and pre-share key is used only when you have the L2L tunnel setup. When you have a VPN tunnel between Client and PIX , the command below is same as the isakmp and pre-shared key. vpngroup VPNUSER password Spli tunneling is used when you want the user to browse the internet when he still has a VPN tunnel established. Pls check this link to know more abt split tunneling: http://www.cisco.com/warp/public/707/ipsec_debug.html#inability Let me know if you have any queries. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74635&t=74369 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX- DMZ [7:74422]
Yeah! u need to put in the command sets on the PIX . First step you would like to put would be the nat and global commands. Second you would need to specify the routes for the dmz. Pls let me know if you owuld like to know the syntax of the command. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74634&t=74422 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX Firewal Software Version [7:73894]
Hi , I would suggest you to use PIX 6.2 software rather than 6.3.1 , since this has a lot of BUGs , you can download the latest PIX software version 6.3.2 Let me know if you have any queries. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74639&t=73894 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ACL for DMVPN [7:74028]
Hi , DMVPN is used when you have HUB and spoke topology and you want to pass other than IP traffic through the VPN tunnel. You have to open up ports for GRE and please check these links which gives you a sample config for DMVPN. http://www.cisco.com/warp/public/471/dcmvpn.html http://www.cisco.com/warp/public/707/dmvpn-gre-ospf.html Let me know if you have any queries or if you would like to know more abt DMVPN. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74645&t=74028 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX License upgrade procedure [7:73769]
Hi Hitesh, If you want to upgrade the license to 3DES please write to [EMAIL PROTECTED] with the following details: 1.No.Of Interfaces on PIX 2.Serial Number 3.PIX Model number 4.The feature request : Need a 3DES license The 3DES license is free , you will get a HEX code as the 3DES licnense. Let me know if you have any queries. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74644&t=73769 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
