Solved

setting up site to site VPN on cisco pix 501

Posted on 2009-05-06
4
357 Views
Last Modified: 2012-05-06
HI
Please can someone advise me on configuring a site to site VPN

We currently have one lan to lan vpn setup between here and usa but i need to setup 3 more.

setup

our head office is in uk and currently have one remote site in the USA but we will have 3 more online shortly, all site will use the vpn to access the Terminal sever.

I can post the config of the cisco pix if it will help ?

can someone please provide a step by step guide for setting up a lan to lan vpn connection on the cisco pix 501.

thanks

0
Comment
Question by:MARKWILKY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:ricks_v
ID: 24320980
you will start with collecting these information:

3 internet addresses and 3 LAN addresses that they will be using.

you would use the command:
UK PIX:
#crypto map outside_map 40 ipsec-isakmp
#crypto map outside_map 40 match address outside_cryptomap_40
#crypto map outside_map 40 set peer x.x.x.x
#crypto map outside_map 40 set transform-set ESP-DES-MD5

#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode

#access-list outside_cryptomap_40 permit ip y.y.y.y 255.255.0.0 z.z.z.z 255.255.0.0

#sysopt connection permit-ipsec

Note
x.x.x.x is the new site internet IP
y.y.y.y is the UK LAN IP
z.z.z.z newsite LAN IP

More info check: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

hope this helps


0
 

Author Comment

by:MARKWILKY
ID: 24321273
thanks

were do i input the pre shared key?
once i have done that, is that the VPN connection setup or is there more to config. I persmue if that it once the remote site is configured the VPN will auto start.

and then i do excatly same for other sites just changing the new site internet ip and lan ip

thanks for your help, as i said i am very new to cisco. i have setup many vpn but using other GUI products.

0
 

Author Comment

by:MARKWILKY
ID: 24321295
hi again

have you got a lise of commands that might be useful in configuring, testing and dianoging issues on pix....

soorry to be a pest ...think i need to go on a course ....

thanks
0
 
LVL 6

Accepted Solution

by:
ricks_v earned 500 total points
ID: 24322162
sorry wrong command for the preshared key
#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode
it suppose to be:
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode

** = preshared key
xx= internet ip of peer device.

usefull commands for ipsec and isakmp (these are protocol we are using) are:

#debug crypto ipsec
#debug crypto isakmp

to view:

#show log

to cancel
#no debug crypto ipsec
#no debug crypto isakmp
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question