First, I'd get at least to the 5.x level of IOS on that puppy. The 4.x series seemed to have some issues.
Second, I believe its all in the main user manual for the PIX. I don't actually do the Pix admin much, but I believe I've seen it there when I looked. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 19, 2002 6:05 PM > To: NT 2000 Discussions > Subject: RE: PIX VPN > > > As usual Cisco's web pisses me off. > > Here is my problem (aside from there being just too much > extra information > on the site): I am not sure which document I should use for > setting up VPN > on my Cisco PIX 520 firewall. It is running v4.4(2) of the > software. I just > want help on setting up the PIX so my people can VPN from their little > Windows machines at home via dialup or cable/DSL. > > I see Instructions and Guides: > Cisco VPN Solutions Center MPLS Solution Provisioning Guide, 2.2 > Cisco VPN Solutions Center: IPsec Solution Provisioning & > Operations Guide, > 2.0 > Cisco VPN Solutions Center: IPsec Solution Provisioning and Operations > Guide, 2.1 > Cisco VPN Solutions Center: IPsec Solution User Reference, 2.0 > Cisco VPN Solutions Center: IPsec Solution User Reference, 2.1 > Cisco VPN Solutions Center: MPLS Solution Provisioning & > Operations Guide, > 2.1 > Cisco VPN Solutions Center: MPLS Solution User Reference, 2.0 > VPNSC IPsec Solution Provisioning Guide, 2.2 > VPNSC MPLS User Guide, 1.1 > > Unders Installation Guides Books: > Cisco VPN Solutions Center Installation Guide, 2.0 > Cisco VPN Solutions Center Installation Guide, 2.1 > Cisco VPN Solutions Center Installation Guide, 2.2 > Cisco VPN Solutions Center: MPLS Solution Installation Guide, 1.2 > VPNSC MPLS Installation Guide, 1.1 > > User Guide Books: > Cisco VPN Solutions Center MPLS Solution Provisioning Guide, 2.2 > Cisco VPN Solutions Center: IPsec Solution Provisioning & > Operations Guide, > 2.0 > Cisco VPN Solutions Center: IPsec Solution Provisioning and Operations > Guide, 2.1 > Cisco VPN Solutions Center: IPsec Solution User Reference, 2.0 > Cisco VPN Solutions Center: IPsec Solution User Reference, 2.1 > Cisco VPN Solutions Center: MPLS Solution Provisioning & > Operations Guide, > 2.1 > Cisco VPN Solutions Center: MPLS Solution User Reference, 2.0 > VPNSC IPsec Solution Provisioning Guide, 2.2 > VPNSC MPLS User Guide, 1.1 > > I really REALLY REALLY HATE CISCOS WEB! > > Johnny > > -----Original Message----- > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 19, 2002 12:18 PM > To: NT 2000 Discussions > Subject: RE: PIX VPN > > > ISDL? ewww only 144 kbps.. > > > Randall > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Roger Seielstad > Sent: Thursday, December 19, 2002 12:13 PM > To: NT 2000 Discussions > Subject: RE: PIX VPN > > > > For many residential DSL subscribers (the same ones who > > probably are the VPN > > clients), there isn't any choice. :) > > Yeah there is - its just not always attractive. I'm using > ISDL because of a > combination of distance and PPPoE. I can get faster via the > telco, but their > service is crap, and PPPoE makes it worse. So I surf a bit slow. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 19, 2002 2:58 PM > > To: NT 2000 Discussions > > Subject: RE: PIX VPN > > > > > > Things like SBC/PacBell's Extranet 300 (OEM'd by Speedstream, > > now bought by > > Siemens)... although, PPPoE dialers are being replaced more > > and more by > > features built into DSL/Cable routers and SOHO firewalls. > > And, yes, PPPoE > > is evil. > > > > > I only have 1 requirement for DSL providers - and its that > > they don't use > > PPPoE > > > > For many residential DSL subscribers (the same ones who > > probably are the VPN > > clients), there isn't any choice. :) > > > > > > > > Randall > > > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > Roger Seielstad > > Sent: Thursday, December 19, 2002 11:43 AM > > To: NT 2000 Discussions > > Subject: RE: PIX VPN > > > > > > PPPoE dialer? What's that? ;) > > > > I only have 1 requirement for DSL providers - and its that > > they don't use > > PPPoE > > > > ------------------------------------------------------ > > Roger D. Seielstad - MCSE > > Sr. Systems Administrator > > Inovis - Formerly Harbinger and Extricity > > Atlanta, GA > > > > > > > -----Original Message----- > > > From: Robert Gonzaga (306) [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, December 19, 2002 2:21 PM > > > To: NT 2000 Discussions > > > Subject: RE: PIX VPN > > > > > > > > > Right. Like your PPPoE dialer. > > > > > > -----Original Message----- > > > From: Roger Seielstad [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, December 19, 2002 11:25 AM > > > To: NT 2000 Discussions > > > Subject: RE: PIX VPN > > > > > > True. Nice thing about the Cisco client is that it can also > > call a DUN > > > entry, so it can dial connect, then connect via VPN, then log in. > > > > > > ------------------------------------------------------ > > > Roger D. Seielstad - MCSE > > > Sr. Systems Administrator > > > Inovis - Formerly Harbinger and Extricity > > > Atlanta, GA > > > > > > > > > > -----Original Message----- > > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, December 19, 2002 2:16 PM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > Very cool, same effect. > > > > > > > > > > > > Randall > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > > Roger Seielstad > > > > Sent: Thursday, December 19, 2002 04:31 AM > > > > To: NT 2000 Discussions > > > > Subject: RE: PIX VPN > > > > > > > > > > > > Nope - it allows you to fire off the VPN client before the > > > > GINA process > > > > takes over. From the Client Help docs: > > > > > > > > What happens when you use Start Before Logon > > > > When start before logon is active, the following events occur > > > > when your > > > > system starts: > > > > > > > > -Your system logon dialog box displays. Other messages might > > > > display as > > > > well, depending on your setup. Wait until you see the VPN > > > > Dialer start. > > > > -The VPN Dialer starts and displays the connection dialog > > > box over the > > > > system logon dialog box. > > > > -You establish your connection to the private network of the > > > > VPN Device. > > > > -Then you log on to your system. > > > > > > > > ------------------------------------------------------ > > > > Roger D. Seielstad - MCSE > > > > Sr. Systems Administrator > > > > Inovis - Formerly Harbinger and Extricity > > > > Atlanta, GA > > > > > > > > > > > > > -----Original Message----- > > > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 5:54 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > If you mean by checking the "Log on using dial-up connection" > > > > > checkbox ON, > > > > > that's fine for dial-up VPN. What do you have to do if the > > > > > user is on a > > > > > broadband connection...? > > > > > > > > > > > > > > > Randall > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: [EMAIL PROTECTED] > > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > > > Robert Gonzaga > > > > > (306) > > > > > Sent: Wednesday, December 18, 2002 02:45 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > No. The only thing you can do is have the Cisco dialer open > > > > > when you hit > > > > > ctrl-alt-del so have the tunnel built for the login process. > > > > > > > > > > -----Original Message----- > > > > > From: Randall Yoo [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 2:35 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > I haven't used Cisco VPN client in a while. Do their current > > > > > versions run > > > > > as service (in Windows) when installed...? > > > > > > > > > > > > > > > Randall > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: [EMAIL PROTECTED] > > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Martin > > > > > Blackstone > > > > > Sent: Wednesday, December 18, 2002 01:47 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > You can use either the Windows VPN dialer or the Cisco > > > > > Dialer. Either way, > > > > > both are very easy to setup. > > > > > > > > > > -----Original Message----- > > > > > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 1:26 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > wow really? nice. I'm curious as to how the client side works > > > > > though. Can > > > > > you tell me? > > > > > > > > > > -----Original Message----- > > > > > From: Martin Blackstone > [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 12:34 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > Oh yea. I got one one of those. It took longer to unbox and > > > > > rack mount than > > > > > it did to configure it. > > > > > > > > > > -----Original Message----- > > > > > From: Robert Gonzaga (306) [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 12:10 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > > > > > > I went with the Cisco VPN Concentrator 3005. Really easy to > > > > > configure. You > > > > > can buy them used. > > > > > > > > > > -----Original Message----- > > > > > From: King, John [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, December 18, 2002 12:07 PM > > > > > To: NT 2000 Discussions > > > > > Subject: RE: PIX VPN > > > > > > > > > > What version of the PIX software to do you? There are some > > > > > limitations on > > > > > the older versions if I do remember correctly. I upgraded > > > > > our PIX to 6.1(1) > > > > > to get proper IPsec functionality. This link will probably > > > > > show you what > > > > > you need to know to get a VPN up and running. > > > > > http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030 > > > > /products_conf > > > > iguration_example09186a00800948b8.shtml > > > > > > > > You will of coarse need a Cisco CCO login. > > > > > > > > Good luck, > > > > John > > > > > > > > -----Original Message----- > > > > From: Johnny Martinez [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 18, 2002 1:36 PM > > > > To: NT 2000 Discussions > > > > Subject: PIX VPN > > > > > > > > > > > > Hi all, > > > > I'm having trouble finding information on setting up my PIX > > > > for VPN'ing. > > > > Does anyone have experience with this or know a good online > > > > information > > > > base? > > > > > > > > Johnny > > > > > > > > > > > > > > > > > > > > > > > > ------ > > > > You are subscribed as [EMAIL PROTECTED] > > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > > > > ------ > > > > You are subscribed as [EMAIL PROTECTED] > > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > ------ > > > > You are subscribed as [EMAIL PROTECTED] > > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > > > > ------ > > > > You are subscribed as [EMAIL PROTECTED] > > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
