Solved

setting up site to site VPN on cisco pix 501

Posted on 2009-05-06
4
360 Views
Last Modified: 2012-05-06
HI
Please can someone advise me on configuring a site to site VPN

We currently have one lan to lan vpn setup between here and usa but i need to setup 3 more.

setup

our head office is in uk and currently have one remote site in the USA but we will have 3 more online shortly, all site will use the vpn to access the Terminal sever.

I can post the config of the cisco pix if it will help ?

can someone please provide a step by step guide for setting up a lan to lan vpn connection on the cisco pix 501.

thanks

0
Comment
Question by:MARKWILKY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:ricks_v
ID: 24320980
you will start with collecting these information:

3 internet addresses and 3 LAN addresses that they will be using.

you would use the command:
UK PIX:
#crypto map outside_map 40 ipsec-isakmp
#crypto map outside_map 40 match address outside_cryptomap_40
#crypto map outside_map 40 set peer x.x.x.x
#crypto map outside_map 40 set transform-set ESP-DES-MD5

#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode

#access-list outside_cryptomap_40 permit ip y.y.y.y 255.255.0.0 z.z.z.z 255.255.0.0

#sysopt connection permit-ipsec

Note
x.x.x.x is the new site internet IP
y.y.y.y is the UK LAN IP
z.z.z.z newsite LAN IP

More info check: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

hope this helps


0
 

Author Comment

by:MARKWILKY
ID: 24321273
thanks

were do i input the pre shared key?
once i have done that, is that the VPN connection setup or is there more to config. I persmue if that it once the remote site is configured the VPN will auto start.

and then i do excatly same for other sites just changing the new site internet ip and lan ip

thanks for your help, as i said i am very new to cisco. i have setup many vpn but using other GUI products.

0
 

Author Comment

by:MARKWILKY
ID: 24321295
hi again

have you got a lise of commands that might be useful in configuring, testing and dianoging issues on pix....

soorry to be a pest ...think i need to go on a course ....

thanks
0
 
LVL 6

Accepted Solution

by:
ricks_v earned 500 total points
ID: 24322162
sorry wrong command for the preshared key
#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode
it suppose to be:
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode

** = preshared key
xx= internet ip of peer device.

usefull commands for ipsec and isakmp (these are protocol we are using) are:

#debug crypto ipsec
#debug crypto isakmp

to view:

#show log

to cancel
#no debug crypto ipsec
#no debug crypto isakmp
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question