Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

setting up site to site VPN on cisco pix 501

Posted on 2009-05-06
4
Medium Priority
?
368 Views
Last Modified: 2012-05-06
HI
Please can someone advise me on configuring a site to site VPN

We currently have one lan to lan vpn setup between here and usa but i need to setup 3 more.

setup

our head office is in uk and currently have one remote site in the USA but we will have 3 more online shortly, all site will use the vpn to access the Terminal sever.

I can post the config of the cisco pix if it will help ?

can someone please provide a step by step guide for setting up a lan to lan vpn connection on the cisco pix 501.

thanks

0
Comment
Question by:MARKWILKY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:ricks_v
ID: 24320980
you will start with collecting these information:

3 internet addresses and 3 LAN addresses that they will be using.

you would use the command:
UK PIX:
#crypto map outside_map 40 ipsec-isakmp
#crypto map outside_map 40 match address outside_cryptomap_40
#crypto map outside_map 40 set peer x.x.x.x
#crypto map outside_map 40 set transform-set ESP-DES-MD5

#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode

#access-list outside_cryptomap_40 permit ip y.y.y.y 255.255.0.0 z.z.z.z 255.255.0.0

#sysopt connection permit-ipsec

Note
x.x.x.x is the new site internet IP
y.y.y.y is the UK LAN IP
z.z.z.z newsite LAN IP

More info check: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

hope this helps


0
 

Author Comment

by:MARKWILKY
ID: 24321273
thanks

were do i input the pre shared key?
once i have done that, is that the VPN connection setup or is there more to config. I persmue if that it once the remote site is configured the VPN will auto start.

and then i do excatly same for other sites just changing the new site internet ip and lan ip

thanks for your help, as i said i am very new to cisco. i have setup many vpn but using other GUI products.

0
 

Author Comment

by:MARKWILKY
ID: 24321295
hi again

have you got a lise of commands that might be useful in configuring, testing and dianoging issues on pix....

soorry to be a pest ...think i need to go on a course ....

thanks
0
 
LVL 6

Accepted Solution

by:
ricks_v earned 2000 total points
ID: 24322162
sorry wrong command for the preshared key
#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode
it suppose to be:
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode

** = preshared key
xx= internet ip of peer device.

usefull commands for ipsec and isakmp (these are protocol we are using) are:

#debug crypto ipsec
#debug crypto isakmp

to view:

#show log

to cancel
#no debug crypto ipsec
#no debug crypto isakmp
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question