[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 910
  • Last Modified:

How to set up Site to Site VPN on Cisco PIX Ver. 6.3 (4)

How do I set up a Site to Site VPN

Peer IP Address:  9.9.9.9  
IKE Version 2
Local Network:   4.3.2.1/29
Remote Network:  17vp2.20.1.0/29
Preshared Key:  CCA-VPN-123
Encryption Alg IPSEC ESP-3DES-SHA
NO PFS
Traffic should be Exempt
SA Time = 8:0:0
SA Traffic 4608000
Bidirectional.  


Looking for the commands to enter step by step to accomplish this.
Thanks
0
marchopkins
Asked:
marchopkins
  • 2
1 Solution
 
GiladnCommented:
you can find it very clean in this link:

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/sit2site.html

looks simple, post back if you are having problems..

G
0
 
Pete LongTechnical ConsultantCommented:
PIX version 6 does not support IKE version 2 :(

Pete
0
 
Pete LongTechnical ConsultantCommented:
But IKE v1.................

access-list 101 permit ip 4.3.2.1 255.255.255.248 172.20.1.0 255.255.255.248
access-list 102 permit ip 4.3.2.1 255.255.255.248 172.20.1.0 255.255.255.248
nat (inside) 0 access-list 101
sysopt connection permit-ipsec
crypto ipsec transform-set USEME esp-3des esp-sha-hmac
crypto map sitevpn 10 ipsec-isakmp
crypto map sitevpn 10 10 match address 102
crypto map sitevpn 10 10 set pfs group2
crypto map sitevpn 10 10 set peer 9.9.9.9
crypto map sitevpn 10 10 set transform-set USEME
crypto map sitevpn 10 interface outside
isakmp enable outside
isakmp key CCA-VPN-123 address 9.9.9.9 netmask 255.255.255.225
isakmp identity address
isakmp keepalive 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400

Cisco PIX 500 - IPSEC Site to Site VPNs (v6)


Pete
0
 
marchopkinsAuthor Commented:
Just what i asked for ...you da man!!!
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now