Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 909
  • Last Modified:

How to set up Site to Site VPN on Cisco PIX Ver. 6.3 (4)

How do I set up a Site to Site VPN

Peer IP Address:  9.9.9.9  
IKE Version 2
Local Network:   4.3.2.1/29
Remote Network:  17vp2.20.1.0/29
Preshared Key:  CCA-VPN-123
Encryption Alg IPSEC ESP-3DES-SHA
NO PFS
Traffic should be Exempt
SA Time = 8:0:0
SA Traffic 4608000
Bidirectional.  


Looking for the commands to enter step by step to accomplish this.
Thanks
0
marchopkins
Asked:
marchopkins
  • 2
1 Solution
 
GiladnCommented:
you can find it very clean in this link:

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/sit2site.html

looks simple, post back if you are having problems..

G
0
 
Pete LongConsultantCommented:
PIX version 6 does not support IKE version 2 :(

Pete
0
 
Pete LongConsultantCommented:
But IKE v1.................

access-list 101 permit ip 4.3.2.1 255.255.255.248 172.20.1.0 255.255.255.248
access-list 102 permit ip 4.3.2.1 255.255.255.248 172.20.1.0 255.255.255.248
nat (inside) 0 access-list 101
sysopt connection permit-ipsec
crypto ipsec transform-set USEME esp-3des esp-sha-hmac
crypto map sitevpn 10 ipsec-isakmp
crypto map sitevpn 10 10 match address 102
crypto map sitevpn 10 10 set pfs group2
crypto map sitevpn 10 10 set peer 9.9.9.9
crypto map sitevpn 10 10 set transform-set USEME
crypto map sitevpn 10 interface outside
isakmp enable outside
isakmp key CCA-VPN-123 address 9.9.9.9 netmask 255.255.255.225
isakmp identity address
isakmp keepalive 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400

Cisco PIX 500 - IPSEC Site to Site VPNs (v6)


Pete
0
 
marchopkinsAuthor Commented:
Just what i asked for ...you da man!!!
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now