connecting a Cisco 2610 to a Cisco PIX Firewall

Discussion in 'Cisco' started by paul, Nov 10, 2003.

  1. paul

    paul Guest

    I need assistance with a configuration.

    I have a cisco 2610 router in the office here.
    I need to connect to a customers site over our ADSL using a 3DES VPN.

    Our customer has a PIX515 Firewall and needs me to give him a
    configuration to paste onto the firewall.

    I have never set up a PIX515 before.
    We have a number of router to router VPNs set up but none to a
    firewall.

    Any config advice would be appreciated.
    Preferably something I could just ammend with the relevant IP
    Addresses and paste onto the PIX and router

    Thanks
     
    paul, Nov 10, 2003
    #1
    1. Advertising

  2. paul

    Peter Rowe Guest

    For a Pix 501 I have used:-

    access-list site-to-site permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (this is to encrypt the traffic from site-to-site)
    access-list noNAT permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (This is your NAT Exception for the VPN Traffic)

    nat (inside) 0 access-list noNAT
    sysopt connection permit-ipsec
    crypto ipsec transform-set prop1 esp-des esp-md5-hmac
    crypto map my-map 20 ipsec-isakmp
    crypto map my-map 20 match address site-to-site
    crypto map my-map 20 set peer YOURIP
    crypto map my-map 20 set transform-set prop1

    isakmp enable outside
    isakmp key ******** address YOURROUTER netmask 255.255.255.255 no-xauth no-config-

    isakmp policy 25 authentication pre-share
    isakmp policy 25 encryption des
    isakmp policy 25 hash md5
    isakmp policy 25 group 2
    isakmp policy 25 lifetime 86400

    Also rememer that the access list on the Router must have IP Permit commands to allow traffic from the PIX Private side (which is unusual if you are used to router-router VPN's!)

    Regards
    Peter.



    >>> paul<> 10/11/2003 16:29:57 >>>

    I need assistance with a configuration.

    I have a cisco 2610 router in the office here.
    I need to connect to a customers site over our ADSL using a 3DES VPN.

    Our customer has a PIX515 Firewall and needs me to give him a
    configuration to paste onto the firewall.

    I have never set up a PIX515 before.
    We have a number of router to router VPNs set up but none to a
    firewall.

    Any config advice would be appreciated.
    Preferably something I could just ammend with the relevant IP
    Addresses and paste onto the PIX and router

    Thanks
     
    Peter Rowe, Nov 10, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Chris G.

    2610 Firewall IOS won't NAT

    Chris G., Jul 15, 2003, in forum: Cisco
    Replies:
    2
    Views:
    1,550
    Ravikumar Eswaran
    Jul 15, 2003
  2. IHateSpam
    Replies:
    2
    Views:
    9,554
    touristsis
    Nov 22, 2008
  3. Phil
    Replies:
    1
    Views:
    2,158
    Walter Roberson
    Dec 11, 2004
  4. Ken  Gallagher
    Replies:
    2
    Views:
    2,627
    ken gallagher
    Aug 7, 2006
  5. Replies:
    2
    Views:
    622
Loading...

Share This Page