Sorry. 4.4 will not support the VPN (Remote access) that you are looking for. You need MIN 5.1, 6.2(2) optimal. You also need the DES or 3DES licence. Run a "show ver" You will see it there.
I set up about 8 of these a month on average.
If you need, contact me direct if you have specific questions. that might be outside the scope (security) of the List.
-James
At 17:05 12/19/02, Johnny Martinez wrote:
As usual Cisco's web pisses me off. Here is my problem (aside from there being just too much extra information on the site): I am not sure which document I should use for setting up VPN on my Cisco PIX 520 firewall. It is running v4.4(2) of the software. I just want help on setting up the PIX so my people can VPN from their little Windows machines at home via dialup or cable/DSL.I see Instructions and Guides: Cisco VPN Solutions Center MPLS Solution Provisioning Guide, 2.2 Cisco VPN Solutions Center: IPsec Solution Provisioning & Operations Guide, 2.0 Cisco VPN Solutions Center: IPsec Solution Provisioning and Operations Guide, 2.1 Cisco VPN Solutions Center: IPsec Solution User Reference, 2.0 Cisco VPN Solutions Center: IPsec Solution User Reference, 2.1 Cisco VPN Solutions Center: MPLS Solution Provisioning & Operations Guide, 2.1 Cisco VPN Solutions Center: MPLS Solution User Reference, 2.0 VPNSC IPsec Solution Provisioning Guide, 2.2 VPNSC MPLS User Guide, 1.1 Unders Installation Guides Books: Cisco VPN Solutions Center Installation Guide, 2.0 Cisco VPN Solutions Center Installation Guide, 2.1 Cisco VPN Solutions Center Installation Guide, 2.2 Cisco VPN Solutions Center: MPLS Solution Installation Guide, 1.2 VPNSC MPLS Installation Guide, 1.1 User Guide Books: Cisco VPN Solutions Center MPLS Solution Provisioning Guide, 2.2 Cisco VPN Solutions Center: IPsec Solution Provisioning & Operations Guide, 2.0 Cisco VPN Solutions Center: IPsec Solution Provisioning and Operations Guide, 2.1 Cisco VPN Solutions Center: IPsec Solution User Reference, 2.0 Cisco VPN Solutions Center: IPsec Solution User Reference, 2.1 Cisco VPN Solutions Center: MPLS Solution Provisioning & Operations Guide, 2.1 Cisco VPN Solutions Center: MPLS Solution User Reference, 2.0 VPNSC IPsec Solution Provisioning Guide, 2.2 VPNSC MPLS User Guide, 1.1 I really REALLY REALLY HATE CISCOS WEB! Johnny -----Original Message----- From: Randall Yoo [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 19, 2002 12:18 PM To: NT 2000 Discussions Subject: RE: PIX VPN ISDL? ewww only 144 kbps.. Randall -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Roger Seielstad Sent: Thursday, December 19, 2002 12:13 PM To: NT 2000 Discussions Subject: RE: PIX VPN > For many residential DSL subscribers (the same ones who > probably are the VPN > clients), there isn't any choice. :) Yeah there is - its just not always attractive. I'm using ISDL because of a combination of distance and PPPoE. I can get faster via the telco, but their service is crap, and PPPoE makes it worse. So I surf a bit slow. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 19, 2002 2:58 PM > To: NT 2000 Discussions > Subject: RE: PIX VPN > > > Things like SBC/PacBell's Extranet 300 (OEM'd by Speedstream, > now bought by > Siemens)... although, PPPoE dialers are being replaced more > and more by > features built into DSL/Cable routers and SOHO firewalls. > And, yes, PPPoE > is evil. > > > I only have 1 requirement for DSL providers - and its that > they don't use > PPPoE > > For many residential DSL subscribers (the same ones who > probably are the VPN > clients), there isn't any choice. :) > > > > Randall > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Roger Seielstad > Sent: Thursday, December 19, 2002 11:43 AM > To: NT 2000 Discussions > Subject: RE: PIX VPN > > > PPPoE dialer? What's that? ;) > > I only have 1 requirement for DSL providers - and its that > they don't use > PPPoE > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Robert Gonzaga (306) [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 19, 2002 2:21 PM > > To: NT 2000 Discussions > > Subject: RE: PIX VPN > > > > > > Right. Like your PPPoE dialer. > > > > -----Original Message----- > > From: Roger Seielstad [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 19, 2002 11:25 AM > > To: NT 2000 Discussions > > Subject: RE: PIX VPN > > > > True. Nice thing about the Cisco client is that it can also > call a DUN > > entry, so it can dial connect, then connect via VPN, then log in. > > > > ------------------------------------------------------ > > Roger D. Seielstad - MCSE > > Sr. Systems Administrator > > Inovis - Formerly Harbinger and Extricity > > Atlanta, GA > > > > > > > -----Original Message----- > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, December 19, 2002 2:16 PM > > > To: NT 2000 Discussions > > > Subject: RE: PIX VPN > > > > > > > > > Very cool, same effect. > > > > > > > > > Randall > > > > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > Roger Seielstad > > > Sent: Thursday, December 19, 2002 04:31 AM > > > To: NT 2000 Discussions > > > Subject: RE: PIX VPN > > > > > > > > > Nope - it allows you to fire off the VPN client before the > > > GINA process > > > takes over. From the Client Help docs: > > > > > > What happens when you use Start Before Logon > > > When start before logon is active, the following events occur > > > when your > > > system starts: > > > > > > -Your system logon dialog box displays. Other messages might > > > display as > > > well, depending on your setup. Wait until you see the VPN > > > Dialer start. > > > -The VPN Dialer starts and displays the connection dialog > > box over the > > > system logon dialog box. > > > -You establish your connection to the private network of the > > > VPN Device. > > > -Then you log on to your system. > > > > > > ------------------------------------------------------ > > > Roger D. Seielstad - MCSE > > > Sr. Systems Administrator > > > Inovis - Formerly Harbinger and Extricity > > > Atlanta, GA > > > > > > > > > > -----Original Message----- > > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 5:54 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > If you mean by checking the "Log on using dial-up connection" > > > > checkbox ON, > > > > that's fine for dial-up VPN. What do you have to do if the > > > > user is on a > > > > broadband connection...? > > > > > > > > > > > > Randall > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > > Robert Gonzaga > > > > (306) > > > > Sent: Wednesday, December 18, 2002 02:45 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > No. The only thing you can do is have the Cisco dialer open > > > > when you hit > > > > ctrl-alt-del so have the tunnel built for the login process. > > > > > > > > -----Original Message----- > > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 2:35 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > I haven't used Cisco VPN client in a while. Do their current > > > > versions run > > > > as service (in Windows) when installed...? > > > > > > > > > > > > Randall > > > > > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Martin > > > > Blackstone > > > > Sent: Wednesday, December 18, 2002 01:47 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > You can use either the Windows VPN dialer or the Cisco > > > > Dialer. Either way, > > > > both are very easy to setup. > > > > > > > > -----Original Message----- > > > > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 1:26 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > wow really? nice. I'm curious as to how the client side works > > > > though. Can > > > > you tell me? > > > > > > > > -----Original Message----- > > > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 12:34 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > Oh yea. I got one one of those. It took longer to unbox and > > > > rack mount than > > > > it did to configure it. > > > > > > > > -----Original Message----- > > > > From: Robert Gonzaga (306) [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 12:10 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > I went with the Cisco VPN Concentrator 3005. Really easy to > > > > configure. You > > > > can buy them used. > > > > > > > > -----Original Message----- > > > > From: King, John [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 12:07 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > What version of the PIX software to do you? There are some > > > > limitations on > > > > the older versions if I do remember correctly. I upgraded > > > > our PIX to 6.1(1) > > > > to get proper IPsec functionality. This link will probably > > > > show you what > > > > you need to know to get a VPN up and running. > > > > http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030 > > > /products_conf > > > iguration_example09186a00800948b8.shtml > > > > > > You will of coarse need a Cisco CCO login. > > > > > > Good luck, > > > John > > > > > > -----Original Message----- > > > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, December 18, 2002 1:36 PM > > > To: NT 2000 Discussions > > > Subject: PIX VPN > > > > > > > > > Hi all, > > > I'm having trouble finding information on setting up my PIX > > > for VPN'ing. > > > Does anyone have experience with this or know a good online > > > information > > > base? > > > > > > Johnny > > > > > > > > > > > > > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%%
------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
