PIX 515e site-to-site and Cisco VPN client configuration.
I have two PIX 515e's in a datacentre (active/failover configuration). I have to configure the units for two separate site-to-site VPNs and for the Cisco software client. The two sites also have PIXes; one is a 515 and one is a 525. The Cisco software client versions I have are 4.0.5 and 4.6 (any recommendations on which is the less problematic would be good).
I will need the Cisco clients to be able to authenticate against a Windows 2003 AD server, which will be through IAS. Here is the config I have pulled together for the VPN client (which is probably very wrong, but there you go):
access-list 101 permit ip 192.168.12.0 255.255.255.0 192.168.40.0 255.255.255.0
access-list 101 permit ip 192.168.40.0 255.255.255.0 192.168.12.0 255.255.255.0
access-list 101 permit ip 192.168.40.0 255.255.255.0 192.168.11.0 255.255.255.0
access-list 101 permit ip 192.168.12.0 255.255.255.0 192.168.50.0 255.255.255.0
Am I on the right track? From what I understand, you can only have one crypto map per interface, so how would I configure the central PIX to add the two tunnels from the other two sites, and what config needs to be on them?
I have not done this before and am getting a bit confused....