1. Home
  2. Cisco Systems
  3. PIX 501 newbie (VPN issues)

PIX 501 newbie (VPN issues)

Hello all.

I read Google Groups all of the time, even more so having recently bought a PIX 501. I can usually find all of my answers here, but am having trouble with this one.

Here is what I am trying to achieve:

I have a fully working domain at my house. It is Windows based. The network has 3 Windows XP Pro PCs and 1 Windows 2003 Server.

I bought a PIX 501 to serve as the firewall.

I would like to be able to VPN into the network from the PC that I now have at my girlfriend's house. I would essentially like to have a Windows 2003 Server establish a secure VPN using the Cisco client to the PIX at my house so that I can replicate my AD data to the server and have a functional network in 2 sites.

I may have bitten off more than I can chew (feel free to tell me if it isn't possible).

Both locations have a Cable connection with a DHCP-based WAN IP.

I do have a mail server and FTP server functioning as well.

I have attached my current running config.

I am not terribly familiar with the CLI yet and the PDM just doesn't seem to address what I am looking for.

Any help would be greatly appreciated.

Thanks in advance.

Brian

Building configuration... : Saved : PIX Version 6.3(5) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password RbBC8TNabJARy/Do encrypted passwd RbBC8TNabJARy/Do encrypted hostname CiscoPIX domain-name DOMAIN.NET clock timezone CST -6 clock summer-time CDT recurring fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol tftp 69 names access-list inbound permit tcp any any eq www access-list inbound permit tcp any any eq 3389 access-list inbound permit tcp any any eq smtp access-list inbound permit tcp any any eq https access-list inbound permit tcp any any eq 69 access-list inbound permit tcp any any eq telnet access-list inbound permit tcp any any eq 123 access-list inbound permit tcp any any range 3100 3103 access-list inbound permit tcp any any range 3000 3049 access-list inbound permit icmp any any pager lines 24 mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm pdm location 192.168.1.5 255.255.255.255 inside pdm logging informational 100 pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface www 192.168.1.5 www netmask

255.255.255.255 0 0 static (inside,outside) tcp interface 3389 192.168.1.5 3389 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface smtp 192.168.1.5 smtp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface https 192.168.1.5 https netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 69 192.168.1.5 69 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 123 192.168.1.5 123 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3100 192.168.1.5 3100 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3101 192.168.1.5 3101 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3102 192.168.1.5 3102 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3103 192.168.1.5 3103 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3000 192.168.1.5 3000 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3001 192.168.1.5 3001 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3002 192.168.1.5 3002 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3003 192.168.1.5 3003 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3004 192.168.1.5 3004 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3005 192.168.1.5 3005 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3006 192.168.1.5 3006 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3007 192.168.1.5 3007 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3008 192.168.1.5 3008 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3009 192.168.1.5 3009 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3010 192.168.1.5 3010 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3011 192.168.1.5 3011 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3012 192.168.1.5 3012 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3013 192.168.1.5 3013 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3014 192.168.1.5 3014 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3015 192.168.1.5 3015 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3016 192.168.1.5 3016 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3017 192.168.1.5 3017 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3018 192.168.1.5 3018 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3019 192.168.1.5 3019 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3020 192.168.1.5 3020 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3021 192.168.1.5 3021 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3022 192.168.1.5 3022 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3023 192.168.1.5 3023 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3024 192.168.1.5 3024 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3025 192.168.1.5 3025 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3026 192.168.1.5 3026 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3027 192.168.1.5 3027 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3028 192.168.1.5 3028 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3029 192.168.1.5 3029 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3030 192.168.1.5 3030 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3031 192.168.1.5 3031 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3032 192.168.1.5 3032 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3033 192.168.1.5 3033 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3034 192.168.1.5 3034 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3035 192.168.1.5 3035 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3036 192.168.1.5 3036 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3037 192.168.1.5 3037 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3038 192.168.1.5 3038 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3039 192.168.1.5 3039 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3040 192.168.1.5 3040 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3041 192.168.1.5 3041 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3042 192.168.1.5 3042 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3043 192.168.1.5 3043 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3044 192.168.1.5 3044 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3045 192.168.1.5 3045 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3046 192.168.1.5 3046 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3047 192.168.1.5 3047 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3048 192.168.1.5 3048 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 3049 192.168.1.5 3049 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface telnet 192.168.1.1 telnet netmask 255.255.255.255 0 0 access-group inbound in interface outside timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout sip-disconnect 0:02:00 sip-invite 0:03:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server LOCAL protocol local http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable telnet 192.168.1.0 255.255.255.0 inside telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd auto_config outside terminal width 80 Cryptochecksum:738d028e4bb583d34b4ced3f3f86cbe2 : end [OK]
Reply to
brian.marcotte
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.