We just replaced a Linksys RV042 with a PIX 501 here at the office to satisfy the auditors. Auditors like buzzwords and disks full of log files, and they seemed to believe the PIX 501 satisfied both. However, I can't get it to do what the little RV042 used to. Namely, act as a VPN server.
There are a few basic things I need to get working here. First, we have a vendor-supplied and configured Cisco 1710 router acting as a VPN gateway. If I enabled "fixup protocol esp-ike" on the PIX, it goes through just fine. Unfortunately, if I want the PIX to act as a VPN server I don't think that's gonna work.
Next, we're using DSL. So.. that means PPPoE, unless I can talk to Bellsouth and find a different way...
Which interferes with it being a VPN server, from what I've heard. Whether I use the Cisco VPN client or L2TP/PPTP... doesn't really matter to me... I just need a few people to be able to get into the network to access files, email, or do maintenance on servers over the weekend when we can't get into the office via VNC/Terminal Services.
So, in order....
1) Internal VPN gateway trying to go out. I think it needs IKE NAT Traversal, but turning that on hasn't helped. Only fixup works for me.2) PPPoE and acting as a VPN server. Is it even possible? Do I need to set it up to NAT a port to the local interface, or what?
At this point, I'm thinking Cisco's "Linksys to Cisco Trade-Up Program" should be renamed to Trade-Down. The Linksys RV042 worked like a charm for us, but I'm ready to throw this stupid little teal box out a window. The things I've heard about the PIX 501 not doing VPN and PPPoE at the same time baffles me, as the Linksys cost $500 less and did it perfectly.
Thanks in advance Steven