Solved

setting up site to site VPN on cisco pix 501

Posted on 2009-05-06
4
359 Views
Last Modified: 2012-05-06
HI
Please can someone advise me on configuring a site to site VPN

We currently have one lan to lan vpn setup between here and usa but i need to setup 3 more.

setup

our head office is in uk and currently have one remote site in the USA but we will have 3 more online shortly, all site will use the vpn to access the Terminal sever.

I can post the config of the cisco pix if it will help ?

can someone please provide a step by step guide for setting up a lan to lan vpn connection on the cisco pix 501.

thanks

0
Comment
Question by:MARKWILKY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:ricks_v
ID: 24320980
you will start with collecting these information:

3 internet addresses and 3 LAN addresses that they will be using.

you would use the command:
UK PIX:
#crypto map outside_map 40 ipsec-isakmp
#crypto map outside_map 40 match address outside_cryptomap_40
#crypto map outside_map 40 set peer x.x.x.x
#crypto map outside_map 40 set transform-set ESP-DES-MD5

#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode

#access-list outside_cryptomap_40 permit ip y.y.y.y 255.255.0.0 z.z.z.z 255.255.0.0

#sysopt connection permit-ipsec

Note
x.x.x.x is the new site internet IP
y.y.y.y is the UK LAN IP
z.z.z.z newsite LAN IP

More info check: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

hope this helps


0
 

Author Comment

by:MARKWILKY
ID: 24321273
thanks

were do i input the pre shared key?
once i have done that, is that the VPN connection setup or is there more to config. I persmue if that it once the remote site is configured the VPN will auto start.

and then i do excatly same for other sites just changing the new site internet ip and lan ip

thanks for your help, as i said i am very new to cisco. i have setup many vpn but using other GUI products.

0
 

Author Comment

by:MARKWILKY
ID: 24321295
hi again

have you got a lise of commands that might be useful in configuring, testing and dianoging issues on pix....

soorry to be a pest ...think i need to go on a course ....

thanks
0
 
LVL 6

Accepted Solution

by:
ricks_v earned 500 total points
ID: 24322162
sorry wrong command for the preshared key
#isakmp key x.x.x.xaddress MEXASA netmask 255.255.255.255 no-xauth no-config-mode
it suppose to be:
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode

** = preshared key
xx= internet ip of peer device.

usefull commands for ipsec and isakmp (these are protocol we are using) are:

#debug crypto ipsec
#debug crypto isakmp

to view:

#show log

to cancel
#no debug crypto ipsec
#no debug crypto isakmp
0

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question