Solved

PPTP from a 7507 Cisco Router to a Cisco 506E PIX

Posted on 2004-08-06
4
260 Views
Last Modified: 2013-11-16
I'm not sure how elementary this is, but here is the scenario:

We switched ISPs not too long ago, our original configuration was a C2600 router and the 7507 router both had a PPTP tunnel between this site and our Washington offices.

We're currently trying to get the 7507 Router to talk to the newly installed 506E firewall that is installed here at this site. My contact in Washington tells me the 506E doesn't support PPTP and that the 7507 doesn't support the new AES encryption schemes, so we're stuck. Is this really the case? What I need to do is basically allow a PPTP tunnel between the 7507 and the 506E, note it's not connecting to anything behind either device, the 506E and 7507 are both endpoints. Is there a possibility this can't be done?

The old Cisco router basically had an interface called TunnelX with the IP source of our old router, tunnel destination on their end and ACLs to allow access through to their internal IPs.

Sorry this sounds so vague but I'm at a loss as to where to start...
0
Comment
Question by:kittensizedbulldozer
  • 2
4 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 200 total points
ID: 11737417
Hi kittensizedbulldozer,
If the 7507 does not support AES then you can still use DES or 3DES encryption. For an example see :-
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094498.shtml

The PIX does support PPTP. See an example here
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080143a5d.shtml
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 50 total points
ID: 11738099
If you have IPSEC 3DES feature set on the 7507, then it should also support AES
Yes, the PIX does support PPTP, but only in a client/server role, not LAN-LAN. I don't think the 7507 is capable of being a PPTP client. I'm not sure this is really what you want to do.
If your intent is to create a LAN-to-LAN VPN tunnel, using IPSEC, then it should be a piece of cake using the example config that grblades posted above.
0
 

Author Comment

by:kittensizedbulldozer
ID: 11749903
Yeah just so you know I'm looking into grblades' suggestions still, I'm just super swamped with everything else that has been going wrong this week so I will look the solutions over and get back to you guys as to whether it was helpful or not. Just glancing over, the second article looks like maybe what we're trying to attempt, but part of my issue right now is getting a straight answer out of the Washington office as to how exactly they want us to connect to them. :-)
0
 

Author Comment

by:kittensizedbulldozer
ID: 11755395
We ended up re-configuring our 2600 into the network in order to handle the endpoints, so we're good. Thanks anyways...someday we'll probably take the 2600 and take another swing at it, so I'll reference those articles grblades mentioned then. Thanks guys.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now