paul 11-10-2003 04:29 PM

connecting a Cisco 2610 to a Cisco PIX Firewall
 
I need assistance with a configuration.

I have a Cisco 2610 router in the office here.
I need to connect to a customer's site over our ADSL using a 3DES VPN.

Our customer has a PIX515 Firewall and needs me to give him a
configuration to paste onto the firewall.

I have never set up a PIX515 before.
We have a number of router to router VPNs set up but none to a
firewall.

Any config advice would be appreciated.
Preferably something I could just amend with the relevant IP
addresses and paste onto the PIX and router.

Thanks

Peter Rowe 11-10-2003 04:48 PM

Re: connecting a Cisco 2610 to a Cisco PIX Firewall
 
For a Pix 501 I have used:-

access-list site-to-site permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (this is to encrypt the traffic from site-to-site)
access-list noNAT permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (This is your NAT Exception for the VPN Traffic)

nat (inside) 0 access-list noNAT
sysopt connection permit-ipsec
crypto ipsec transform-set prop1 esp-des esp-md5-hmac
crypto map my-map 20 ipsec-isakmp
crypto map my-map 20 match address site-to-site
crypto map my-map 20 set peer YOURIP
crypto map my-map 20 set transform-set prop1

isakmp enable outside
isakmp key ******** address YOURROUTER netmask 255.255.255.255 no-xauth no-config-

isakmp policy 25 authentication pre-share
isakmp policy 25 encryption des
isakmp policy 25 hash md5
isakmp policy 25 group 2
isakmp policy 25 lifetime 86400

Also remember that the access list on the router must have IP permit commands to allow traffic from the PIX private side (which is unusual if you are used to router-to-router VPNs!)

Regards
Peter.
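
A check worth running on a template like this before it is pasted onto the customer's firewall: the request was for a 3DES tunnel, while the lines as posted select DES with MD5 and include no command applying the crypto map to an interface. The Python below is an added example, not part of either post; `audit_pix_vpn` and its finding strings are hypothetical names, and the sample is a constructed subset of the reply's PIX lines with the placeholders kept.

```python
# Constructed sample: subset of the crypto lines from the reply, placeholders kept.
PIX_CONFIG = """\
crypto ipsec transform-set prop1 esp-des esp-md5-hmac
crypto map my-map 20 ipsec-isakmp
crypto map my-map 20 match address site-to-site
crypto map my-map 20 set peer YOURIP
crypto map my-map 20 set transform-set prop1
isakmp policy 25 authentication pre-share
isakmp policy 25 encryption des
isakmp policy 25 hash md5
isakmp policy 25 group 2
"""

def audit_pix_vpn(config, required_cipher="3des"):
    """Return findings for PIX 6.x-style site-to-site VPN lines (hypothetical helper)."""
    findings, transforms = [], {}          # transforms: set name -> ESP transforms
    used_sets, maps, bound = set(), set(), set()
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["crypto", "ipsec", "transform-set"] and len(tok) > 4:
            transforms[tok[3]] = tok[4:]
        elif tok[:2] == ["crypto", "map"] and len(tok) >= 4:
            if tok[3] == "interface":      # crypto map NAME interface IFNAME
                bound.add(tok[2])
            else:
                maps.add(tok[2])
                if tok[4:6] == ["set", "transform-set"]:
                    used_sets.update(tok[6:])
        elif tok[:2] == ["isakmp", "policy"] and len(tok) >= 5:
            prio, key, val = tok[2:5]
            if key == "encryption" and val != required_cipher:
                findings.append(f"isakmp policy {prio}: encryption {val}, expected {required_cipher}")
            if key == "hash" and val == "md5":
                findings.append(f"isakmp policy {prio}: hash md5, prefer sha")
    for name in sorted(used_sets):         # only sets a crypto map actually uses
        esp = transforms.get(name)
        if esp is None:
            findings.append(f"transform-set {name}: referenced but not defined")
            continue
        if f"esp-{required_cipher}" not in esp:
            findings.append(f"transform-set {name}: {' '.join(esp)}, expected esp-{required_cipher}")
        if "esp-md5-hmac" in esp:
            findings.append(f"transform-set {name}: esp-md5-hmac, prefer esp-sha-hmac")
    for name in sorted(maps - bound):
        findings.append(f"crypto map {name}: not applied to an interface")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_pix_vpn(PIX_CONFIG)))
```

Both ends of the tunnel have to agree on the IKE policy and transform set, so the same substitutions apply to the matching lines on the 2610.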


