need help, will pay

Discussion in 'Cisco' started by Michael Williams, Apr 29, 2005.

  1. I have a Pix 501 with 3DES, 10 Users license.

    I have a DSL connection to the internet, using PPPoE. Speed is 1.5 up/down.

    I have a small Windows 2003 Server with AD, Exchange, SQL, IIS, FTP, etc.

    I want to have a VPN set up with security formost in mind. I have access to
    the Cisco VPN client. My main goals, in the order:

    1) Security
    2) Remote users can fully act like they are inside my home when connected
    via VPN.

    I need the VPN part configured and am willing to pay via PayPal, for help.

    If interested, let me know.

    Todd
     
    Michael Williams, Apr 29, 2005
    #1
    1. Advertising

  2. In article <>,
    Michael Williams <> wrote:
    :I have a Pix 501 with 3DES, 10 Users license.
    :I have a DSL connection to the internet, using PPPoE. Speed is 1.5 up/down.
    :I have a small Windows 2003 Server with AD, Exchange, SQL, IIS, FTP, etc.

    :I want to have a VPN set up with security formost in mind. I have access to
    :the Cisco VPN client. My main goals, in the order:

    :1) Security
    :2) Remote users can fully act like they are inside my home when connected
    :via VPN.

    :I need the VPN part configured

    The Pix Device Manager (PDM) should be able to set this up for you
    with little difficulty.
    --
    "No one has the right to destroy another person's belief by
    demanding empirical evidence." -- Ann Landers
     
    Walter Roberson, Apr 29, 2005
    #2
    1. Advertising

  3. In article <d4troa$g6s$>,
    Walter Roberson <-cnrc.gc.ca> wrote:
    |In article <>,
    |Michael Williams <> wrote:
    |:I have a Pix 501 with 3DES, 10 Users license.

    |:I need the VPN part configured

    |The Pix Device Manager (PDM) should be able to set this up for you

    Log in to PDM -- https:// to the IP of the PIX.
    Go through the login procedure. Wait for it to load your configuration.

    Then, look right at the top at the menu bar. Choose the Wizards menu,
    and the VPN Wizard from there. When the VPN Wizard comes up, click
    the 'Remote Access VPN' radio box, leave the interface as outside,
    then click Next. If you are intending to have the others connect using
    the Cisco VPN client, leave the radio box at the first entry
    (release 3 or later) and Next.
    Fill in an arbitrary group name -- this
    group name will be needed by the VPN client to log in, so make it easy
    to remember. Fill in a Group Password, confirm it, Next.
    Leave "Enable Extended Client Authentication" checked, but in the
    AAA Server Group dropbox, go to LOCAL instead of RADIUS or TACACS;
    then Next.

    Create some users on the next screen... you should probably change
    their privilege level to "Monitor Only (3)" in the dropbox. When you
    have enough users created, Next.

    Put in an address pool name, and put in start and end addresses.
    These addresses *must* be in a range different than your inside IPs --
    it is crucial that the inside IPs think of the IPs as being "outside".
    It is fine, though, for these IPs to be in a RFC 1918 private range. Next.

    Fill in DNS server, WINS server, domain name. In order for the users
    to see your network "just like" they were inside, you MUST have a WINS
    server... [unless, that is, your users are all going to use LMHOSTS to
    resolve everything in your network {i.e., not practical.}] Next.

    Choose an encryption such as 3DES SHA Group 2, or AES-128 SHA Group 5.
    Next.

    Choose an encryption and authentication on this new window. Trust me,
    they are used for different purposes than the previous window... but it's
    probably easiest to use whatever you used on the previous window. Next.

    On the Address Translation Exemption page, in the IP address box,
    fill in your inside IP network (e.g., 192.168.49.0) and choose the
    appropriate Mask, and then click >> so it shows up on the right-hand
    side. Then you -might- want to Enable Split Tunneling... or not.
    Split Tunneling is more convenient for your users, but less safe for you.

    Now click Finish and wait for the PDM to make the appropriate changes.

    After that, you may wish to click on the Save icon at the top.
    --
    'ignorandus (Latin): "deserving not to be known"'
    -- Journal of Self-Referentialism
     
    Walter Roberson, Apr 29, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Fred  Evans
    Replies:
    0
    Views:
    504
    Fred Evans
    Jul 14, 2003
  2. smccr

    NEED TO PAY OFF CHRISTMAS BILLS!!!!

    smccr, Feb 11, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    460
    Avenger©
    Feb 11, 2004
  3. Modemac
    Replies:
    23
    Views:
    1,209
    Rich Clark
    Dec 8, 2006
  4. Liza Veta

    i need to pay attention

    Liza Veta, Jan 28, 2006, in forum: Computer Support
    Replies:
    24
    Views:
    745
    Liza Smorgaborgsson
    Jan 30, 2006
  5. thing2
    Replies:
    40
    Views:
    963
Loading...

Share This Page