How to create a VPN from a Cisco Pix 506 to Cisco 3000 Concentrator

Posted on 2008-06-13
Medium Priority
Last Modified: 2010-04-21
I need help creating a VPN from a Pix to a 3000 Concentrator.  The Concentrator I don't think I should have any issues with, but with the Pix I have basically no knowledge.

Another company has installed one and for us to make the connection, however they don't have the know how to configure it so they've put it my hands.  At this point I only have SSH access to the Pix with logins.  I'm not Cisco Certified so many of the documentation/software I have no access to.  

Please help point me in a good direction or give me some commands to help to get this done.  Thanks
Question by:TTAsupport
  • 2
  • 2
LVL 17

Expert Comment

by:Andres Perales
ID: 21779678
The quickest and easiest way I would tell you is to get https access and use the SDM.  If you can ssh you should be able to enable https access and then hit it that way.

Once in via web their is a vpn wizard, one for point to point tunnels and one for client access...

Author Comment

ID: 21779922
I understand what you're saying, but not how to do it.

I think I know if I type in
http outside
that it will give me http allowed access from that subnet, but how do I do it for https?
LVL 17

Accepted Solution

Andres Perales earned 2000 total points
ID: 21780049
Alright, is the PIX not local to you?  I would not open access to the firewall / pix from the outside.  I thought that you were on the inside trying to get access to the SDM from the inside of the network not the outside.

This link should give you what you need: http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800949d2.shtml


can you get to these docs?


Author Closing Comment

ID: 31466950
I'll assume your suggestion worked - the person that posted this question is no longer with the company, but he did get the VPN up and running.   Thank you!

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question