Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco PIX and WatchGuard SOHO dynamic VPN connection

Reply
Thread Tools

Cisco PIX and WatchGuard SOHO dynamic VPN connection

 
 
Andy Low
Guest
Posts: n/a
 
      05-07-2004
Hi,

My WG soho is using dynamic IP. Can I setup an IPsec VPN connection to Cisco
PIX?

I have run through the Cisco PIX configuration several times. It seems like
for the dynamic connection for IPsec, Cisco PIX only support Cisco VPN
client.

Regards,

Andy



 
Reply With Quote
 
 
 
 
mh
Guest
Posts: n/a
 
      05-07-2004
Yes Cisco PIX will support inbound VPN connection and yes you will
probably need to use the Cisco VPN.
 
Reply With Quote
 
 
 
 
Joce
Guest
Posts: n/a
 
      05-07-2004
Andy Low wrote:

> Hi,
>
> My WG soho is using dynamic IP. Can I setup an IPsec VPN connection to
> Cisco PIX?
>
> I have run through the Cisco PIX configuration several times. It seems
> like for the dynamic connection for IPsec, Cisco PIX only support Cisco
> VPN client.
>
> Regards,
>
> Andy


You need at least 1 static IP (obviously) and you will have to bring the
tunnel up from the site using dynamic IP.

If your IP doesn't change often, you can "simulate" a static IP for IPSec
but be carefull with this.
 
Reply With Quote
 
Andy Low
Guest
Posts: n/a
 
      05-10-2004
Hi,

If the client is not using static IP address, the Cisco PIX needs to
configure dynamic IPsec settings and assign an IP address from IP Pool. In
Cisco PIX configuration ONLY Cisco VPN client is supported for dynamic VPN
connection ( so far I cannot find other settings that allow other product
IPsec settings).

So does it mean beside Cisco VPN client, there is no way I can Cisco PIX to
other IPsec product using dynamic IP address?

Regards,

Andy

"Joce" <(E-Mail Removed)> wrote in message
news:ISLmc.77164$(E-Mail Removed) ...
> Andy Low wrote:
>
> > Hi,
> >
> > My WG soho is using dynamic IP. Can I setup an IPsec VPN connection to
> > Cisco PIX?
> >
> > I have run through the Cisco PIX configuration several times. It seems
> > like for the dynamic connection for IPsec, Cisco PIX only support Cisco
> > VPN client.
> >
> > Regards,
> >
> > Andy

>
> You need at least 1 static IP (obviously) and you will have to bring the
> tunnel up from the site using dynamic IP.
>
> If your IP doesn't change often, you can "simulate" a static IP for IPSec
> but be carefull with this.



 
Reply With Quote
 
Andy Low
Guest
Posts: n/a
 
      05-10-2004
Hi,

If the client is not using static IP address, the Cisco PIX needs to
configure dynamic IPsec settings and assign an IP address from IP Pool. In
Cisco PIX configuration ONLY Cisco VPN client is supported for dynamic VPN
connection ( so far I cannot find other settings that allow other product
IPsec settings).

So does it mean beside Cisco VPN client, there is no way I can Cisco PIX to
other IPsec product using dynamic IP address?

Regards,

Andy


"mh" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> Yes Cisco PIX will support inbound VPN connection and yes you will
> probably need to use the Cisco VPN.




 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      05-10-2004
In article <c7n8l4$bq2$(E-Mail Removed)>,
Andy Low <(E-Mail Removed)_REMOVE_> wrote:
:If the client is not using static IP address, the Cisco PIX needs to
:configure dynamic IPsec settings and assign an IP address from IP Pool. In
:Cisco PIX configuration ONLY Cisco VPN client is supported for dynamic VPN
:connection ( so far I cannot find other settings that allow other product
:IPsec settings).

If you are using IPSec and you know the -internal- address range of the
remote host, then you can use crypto dynamic maps and nat 0 access-list
in combination. You do not need to assign the address from the PIX
for this to work, and the other end can be using any IPSec that
is compatable with the standards.

If you are using PPTP, then you can (must) have the PIX allocate an address
from a pool for the remote end. The remote end does not need to be running
the Cisco client for this to work. I've had PPTP work from Mac OSX and
from MS Windows 2000.

As I recall, you can also do dynamic address allocation on the PIX
for L2TP, but I've never dug into that enough to get it to work (it rides
on top of IPSec.)

:So does it mean beside Cisco VPN client, there is no way I can Cisco PIX to
ther IPsec product using dynamic IP address?

I'm not sure what "other settings" you were looking for? The PIX isn't
magic about allocating addresses for the VPN client: you need to configure
the pool.
--
Cottleston, Cottleston, Cottleston pie.
A bird can't whistle and neither can I. -- Pooh
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Watchguard / Safenet Client and Cisco VPN Client Compatible? Patrick Dunnigan Cisco 1 01-30-2009 01:14 PM
Cisco PIX 7.0.1 to Watchguard V60 VPN Tunnel jbuice@gmail.com Cisco 6 07-22-2008 09:45 PM
Issue with Cisco Pix 515 and WatchGuard VPN dgteel Cisco 1 04-13-2007 03:31 AM
PIX 501 to Watchguard SOHO lnichols3@gmail.com Cisco 1 08-18-2006 01:09 AM
Cisco 827 -> Watchguard VPN David Lee Cisco 1 09-18-2003 11:26 AM



Advertisments