Could a cisco pix 501 - 515 be used for Lan-To-Lan VPN ?

Posted on 2005-05-09
Medium Priority
Last Modified: 2010-05-18
I need to setup a VPN between 4 sites (Mainly for 3 of the sites to access ressources in the 4th one)
For now it's only Lan-to-Lan but i also need to think about direct connections from users at home (Later, and not so urgent).
The main site has 25 users, and the 3 others, 5 users each.
Each site has fast internet connection, possibly with fixed ip adresses if needed.

We have no administrators (And only one programmer, me), but i have heard that pix501 for the 3 small sites and pix515 for the main site could be good solutions.
But it seem that thoses hardwares they are mainly routers (unlike VPN 3000 series) and i need to known if i could use them like that (Is it possible, did it has big performance concequences, ...).

I put 500 points because the question is prety urgent, and what i search is more a "Do the choice for me, corresponding to my criteria" that a simple question.
Question by:virtualblackfox
LVL 43

Assisted Solution

JFrederick29 earned 400 total points
ID: 13960554
That is the way to go.  PIX 515 at the main office and PIX 501's at the remote offices.  VPN tunnels will work like a charm.
LVL 13

Assisted Solution

Dr-IP earned 400 total points
ID: 13961059
There are a lot of potential options out there for doing what you want to do, but I don’t see any reason a PIX solution wouldn’t be a good option, I know it would be at the top of my list, and once it’s deployed it should be about as service free as it gets. You will want to get fixed addresses all around, but you will really want that for any solution you might choose as even if you can get it to work with dynamic addresses, having fixed ones will make it easer to troubleshoot.    
LVL 79

Accepted Solution

lrmoore earned 1200 total points
ID: 13964709
Agree with all above, but the 515e might be overkill for the main site. You could easily get by with a 506e for 1/2 the cost.
Fixed IP on the main site and it really doesn't matter at the remotes.

Data sheet:

Words of advice:
* You can most likely qualify for free 3DES license key upgrade. Quick and easy form to fill out online and get your new key in minutes.
* Get SmartNet maintenance - 8x5xnext business day on all Cisco products, and keep it renewed anually.. you'll be glad you did.. free upgrades to 7.0 "lite" for the 501's and 506 when it comes out..


Author Comment

ID: 13965998
Thanks a lot everyone, specially lrmoore for the advices.

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question