Need help with Multiple Site-to-Site VPNs (BTB)
Posted on 2005-03-31
I have a PIX 515e firewall as my only exterior facing devce. I run remote access VPNs for sales and IT staff through it, but I also use it for a site-to-site to a vendor (ESP-3DES-SHA). I was told to set up an additional site-to-site (I'll abbreiviate, STS)with a different vendor (ESP-3DES-MD5). I have never built a VPN before, only adjusted the current to allow additional traffic. So I am trying to build it using this book I have and examining the current config for the original STS VPN. The STS has to be ESP-3DES-MD5, and I was given a public IP (no mask provided) for the tunnel and a public IP (no mask provided) for the traffic once the tunnel is created. I am allowing only port 3389 for remote desktop.
1) I am having trouble creating an ACL for this traffic since I am not given any private IP addresses.
2) A crypto map is already created for the first STS, so how do I use this map with a different transform set.
3) Is there a specific order I have to go in to build this STS VPN? For example. Does the ACL have to be in there before I can create the other pieces?
I am a rookie :(