Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > need help, will pay

Reply
Thread Tools

need help, will pay

 
 
Michael Williams
Guest
Posts: n/a
 
      04-29-2005
I have a Pix 501 with 3DES, 10 Users license.

I have a DSL connection to the internet, using PPPoE. Speed is 1.5 up/down.

I have a small Windows 2003 Server with AD, Exchange, SQL, IIS, FTP, etc.

I want to have a VPN set up with security formost in mind. I have access to
the Cisco VPN client. My main goals, in the order:

1) Security
2) Remote users can fully act like they are inside my home when connected
via VPN.

I need the VPN part configured and am willing to pay via PayPal, for help.

If interested, let me know.

Todd
http://www.velocityreviews.com/forums/(E-Mail Removed)


 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      04-29-2005
In article <(E-Mail Removed)>,
Michael Williams <(E-Mail Removed)> (E-Mail Removed) wrote:
:I have a Pix 501 with 3DES, 10 Users license.
:I have a DSL connection to the internet, using PPPoE. Speed is 1.5 up/down.
:I have a small Windows 2003 Server with AD, Exchange, SQL, IIS, FTP, etc.

:I want to have a VPN set up with security formost in mind. I have access to
:the Cisco VPN client. My main goals, in the order:

:1) Security
:2) Remote users can fully act like they are inside my home when connected
:via VPN.

:I need the VPN part configured

The Pix Device Manager (PDM) should be able to set this up for you
with little difficulty.
--
"No one has the right to destroy another person's belief by
demanding empirical evidence." -- Ann Landers
 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      04-29-2005
In article <d4troa$g6s$(E-Mail Removed)>,
Walter Roberson <(E-Mail Removed)-cnrc.gc.ca> wrote:
|In article <(E-Mail Removed)>,
|Michael Williams <(E-Mail Removed)> (E-Mail Removed) wrote:
|:I have a Pix 501 with 3DES, 10 Users license.

|:I need the VPN part configured

|The Pix Device Manager (PDM) should be able to set this up for you

Log in to PDM -- https:// to the IP of the PIX.
Go through the login procedure. Wait for it to load your configuration.

Then, look right at the top at the menu bar. Choose the Wizards menu,
and the VPN Wizard from there. When the VPN Wizard comes up, click
the 'Remote Access VPN' radio box, leave the interface as outside,
then click Next. If you are intending to have the others connect using
the Cisco VPN client, leave the radio box at the first entry
(release 3 or later) and Next.
Fill in an arbitrary group name -- this
group name will be needed by the VPN client to log in, so make it easy
to remember. Fill in a Group Password, confirm it, Next.
Leave "Enable Extended Client Authentication" checked, but in the
AAA Server Group dropbox, go to LOCAL instead of RADIUS or TACACS;
then Next.

Create some users on the next screen... you should probably change
their privilege level to "Monitor Only (3)" in the dropbox. When you
have enough users created, Next.

Put in an address pool name, and put in start and end addresses.
These addresses *must* be in a range different than your inside IPs --
it is crucial that the inside IPs think of the IPs as being "outside".
It is fine, though, for these IPs to be in a RFC 1918 private range. Next.

Fill in DNS server, WINS server, domain name. In order for the users
to see your network "just like" they were inside, you MUST have a WINS
server... [unless, that is, your users are all going to use LMHOSTS to
resolve everything in your network {i.e., not practical.}] Next.

Choose an encryption such as 3DES SHA Group 2, or AES-128 SHA Group 5.
Next.

Choose an encryption and authentication on this new window. Trust me,
they are used for different purposes than the previous window... but it's
probably easiest to use whatever you used on the previous window. Next.

On the Address Translation Exemption page, in the IP address box,
fill in your inside IP network (e.g., 192.168.49.0) and choose the
appropriate Mask, and then click >> so it shows up on the right-hand
side. Then you -might- want to Enable Split Tunneling... or not.
Split Tunneling is more convenient for your users, but less safe for you.

Now click Finish and wait for the PDM to make the appropriate changes.

After that, you may wish to click on the Save icon at the top.
--
'ignorandus (Latin): "deserving not to be known"'
-- Journal of Self-Referentialism
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wal-Mart's movie download plan: pay and pay again Modemac DVD Video 23 12-08-2006 02:40 PM
The battle moves on from why pay for an OS to why pay for an application(database) thing2 NZ Computing 40 02-18-2006 10:35 PM
Need some specific .Net Training - Will pay. Ed Bangle ASP .Net 3 11-23-2003 05:03 AM
Need a few lines of code help, will pay! Robert Johnson ASP .Net 3 08-04-2003 06:06 PM



Advertisments