1. Home
  2. Cisco Systems
  3. PIX VPN site to site and client

PIX VPN site to site and client

hi I have a pix that has one interface on the inside and one interface on the outside network. Users on the inside network have access to the internet via the outside interface where PAT is being applied. Also outside users have access to specified internal server that have a public IP address. A static address translation between the inside and the outside is in place.

Now there is a need to have the PIX terminate IPSEC connections for Cisco VPN clients and site to site. Questions Can the outside interface terminate the IPSEC connections for site to site and vpn client in addtion to performing the above functions. Also can the PIX be used as DHCP server for internal users and users in the VPN address pool?

A sample configuration would be helpful.

Thanks

Reply to
djoe
Loading thread data ...

np

A: yes look on Cisco.com for sample cfg or in this news-group

A: yes use "dhcpd ..." for the inside users fx dhcpd address 192.168.1.100-192.168.1.129 inside dhcpd dns 192.168.1.10 dhcpd wins 192.168.1.10 dhcpd lease 7200 dhcpd ping_timeout 750 dhcpd domain locallan.com dhcpd enable inside

Use "ip local pool ..." for the VPN user fx ip local pool cvpn3pool 172.16.20.1-172.16.20.254

HTH Martin

Reply to
Martin Bilgrav

Thanks for your reply I am planning on upgrading to a ASA 5505 Device. Is it true that i can configure Vlans for the DMZ's subnets and assign each of the six physical ethernet ports to the particular VLANs in the DMZ with the switchport access command?

thanks

messagenews: snipped-for-privacy@79g2000cws.googlegroups.com...

Reply to
djoe

yes

Reply to
Martin Bilgrav

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.