Multiple site-to-site VPN plus two dynamic VPN connections one to different VLAN

Discussion in 'Cisco' started by Joey, Apr 25, 2007.

  1. Joey

    Joey Guest

    I have a PIX running 6.3(5) with 5 site-to-site ipsec tunnels (static
    IPs) and one dynamic IP one (all using only pre-shared keys, no AAA).
    I'd like to allow an outside vendor access to a particular VLAN and
    allow them to enter from any IP address.

    The dynamic IP site has a PIX 501 at it, so I assume I can upgrade to
    some kind of user/pass in there for it to come in with. Is it
    possible to terminate the dynamic connections using the local AAA
    database? I'm not clear on the relationship between the pre-shared key
    and were a user/pass comes in (regardless if it goes to radius or
    not).

    Also, is it possible to restrict the vendor's credentials to a
    particular VLAN and always give them the same IP address on that VLAN?
    The current setup doesn't give anyone IP addresses including the
    dynamic site. It just routes. I have access to an ACS server but
    would like to keeps things as simple as possible.

    I also have a 1811 that's currently a VPN between another vendor and
    the back of their server here. Would it be easier and less disruptive
    to try and do it on this one? I'm not sure of the 1811's capabilities
    in this respect. But it might keep "outsiders" on their own router
    and off of the other firewall.

    Thanks!
    Joey
     
    Joey, Apr 25, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. c
    Replies:
    2
    Views:
    825
  2. Hans-Peter Walter
    Replies:
    3
    Views:
    1,167
    Joe Bloggs
    Jan 21, 2004
  3. Replies:
    13
    Views:
    1,094
    Martin Bodenstedt
    Oct 31, 2005
  4. tepo
    Replies:
    1
    Views:
    439
    Walter Roberson
    Apr 25, 2007
  5. SteveB
    Replies:
    0
    Views:
    3,254
    SteveB
    Mar 26, 2009
Loading...

Share This Page