Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 262
  • Last Modified:

The Pix Firewall

Trying to creat a Vpn tunnel from outside which is using DHCP to allow in the pix firewall.  At the momment the  Netowork doesn;t have a DHCP server it  relies on manual TCP/IP configuration.  I have created a Vpn tunnel to a static ip address but I am struggling to create one which doesn;t have a static ip address.. If their is something I need to cofigure on the pix so it allows DHcp ip connection.. So if I was in a hotel or any public sector I connect to my network.....What is your best solution
0
jazzyjeff84
Asked:
jazzyjeff84
  • 5
  • 5
1 Solution
 
lrmooreCommented:
Are you using the Cisco VPN client? If yes, then you don't need to specify any remote IP address..
Well . . . depending on the PIX OS version. What version are you running?
Step by step guide using PIX 6.x
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009442e.shtml
0
 
jazzyjeff84Author Commented:
i don't think you understand what I'm having problems with....The Pix I am using is 501 version 6.3..I don't wont to use a static external address because if I was in a hotel how do make it so that pix allows this dynamic address through the firewall in the internal network, keep in my mind that internal network doesn't use dhcp server>>>This my question.  
0
 
lrmooreCommented:
I guess I don't understand.
Are you taking this 501 to a hotel and using it there? And you want others to be able to connect to this PIX via VPN?
Are you going to a hotel with a laptop with Cisco VPN client and connecting back to the PIX501 at your office?

> I have created a Vpn tunnel to a static ip address
You created a tunnel between this PIX501 with a static IP address, and what else? A tunnel has 2 ends..
Or you created a tunnel between something else with a static IP address and this PIX 501?

>keep in my mind that internal network doesn't use dhcp server
How internal systems get their IP's is irrelevant to how the outside interface gets its IP address.

~ confused as to what your goal is ~
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
jazzyjeff84Author Commented:
>Are you going to a hotel with a laptop with Cisco VPN client and connecting back to the PIX501 at your office?
This is what I;m trying to achieve.....simple for you isit
0
 
lrmooreCommented:
Yes. That is exactly what I thought you meant the first time, and that is exactly the scenario that I posted a configuration for in the link in my first post. Follow those instructions and you'll be happy.
0
 
jazzyjeff84Author Commented:
At moment the pix is configured for static address how do i make it so it can also accept dynamic external address can you provide a example?
0
 
lrmooreCommented:
The client has to know your public IP of your PIX regardless if it is static or dynamic. If you are using dynamic external IP it makes itm uch more challenging for remote users. You will have to use something like dyndns.org and register whatever IP address you get, then re-register it whenever it changes. The clients just go to yourhost.dyndns.org and connect.
0
 
jazzyjeff84Author Commented:
does this mean the has to have dns installed
0
 
jazzyjeff84Author Commented:
the server has to have dns capabilities
0
 
lrmooreCommented:
You don't need your own dns server, just use a free dynamic dns host, like dyndns.org
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now