Solved

setting up site to site VPN on cisco pix 501

Posted on 2009-05-06
4
354 Views
Last Modified: 2012-05-06
HI
Please can someone advise me on configuring a site to site VPN

We currently have one lan to lan vpn setup between here and usa but i need to setup 3 more.

setup

our head office is in uk and currently have one remote site in the USA but we will have 3 more online shortly, all site will use the vpn to access the Terminal sever.

I can post the config of the cisco pix if it will help ?

can someone please provide a step by step guide for setting up a lan to lan vpn connection on the cisco pix 501.

thanks

0
Comment
Question by:MARKWILKY
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:ricks_v
ID: 24320980
you will start with collecting these information:

3 internet addresses and 3 LAN addresses that they will be using.

you would use the command:
UK PIX:
#crypto map outside_map 40 ipsec-isakmp
#crypto map outside_map 40 match address outside_cryptomap_40
#crypto map outside_map 40 set peer x.x.x.x
#crypto map outside_map 40 set transform-set ESP-DES-MD5

#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode

#access-list outside_cryptomap_40 permit ip y.y.y.y 255.255.0.0 z.z.z.z 255.255.0.0

#sysopt connection permit-ipsec

Note
x.x.x.x is the new site internet IP
y.y.y.y is the UK LAN IP
z.z.z.z newsite LAN IP

More info check: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

hope this helps


0
 

Author Comment

by:MARKWILKY
ID: 24321273
thanks

were do i input the pre shared key?
once i have done that, is that the VPN connection setup or is there more to config. I persmue if that it once the remote site is configured the VPN will auto start.

and then i do excatly same for other sites just changing the new site internet ip and lan ip

thanks for your help, as i said i am very new to cisco. i have setup many vpn but using other GUI products.

0
 

Author Comment

by:MARKWILKY
ID: 24321295
hi again

have you got a lise of commands that might be useful in configuring, testing and dianoging issues on pix....

soorry to be a pest ...think i need to go on a course ....

thanks
0
 
LVL 6

Accepted Solution

by:
ricks_v earned 500 total points
ID: 24322162
sorry wrong command for the preshared key
#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode
it suppose to be:
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode

** = preshared key
xx= internet ip of peer device.

usefull commands for ipsec and isakmp (these are protocol we are using) are:

#debug crypto ipsec
#debug crypto isakmp

to view:

#show log

to cancel
#no debug crypto ipsec
#no debug crypto isakmp
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question