pix 501 to pix 506 easy vpn

Discussion in 'Cisco' started by fredrikmagnil@hotmail.com, May 18, 2006.

  1. Guest

    Hi.

    We´ve got a cisco pix 506 firewall at our main office and a pix 501 at
    another branch office. I want to connect these two to each other using
    the 506 as an easy vpn server, so that it seems like the clients at the
    branch office are in the same network as the main office. It probably
    isn't that hard, but since I'm kinda new to this I would like some
    guidance.

    The IP numbers are modified, but the firewalls are setup kinda like
    this:

    Main office:
    Cisco pix 506 with static external IP: 209.165.201.8
    Inside IP: 10.10.10.7

    Branch office:
    Cisxo pix 501 with static external IP: 209.165.200.229
    Inside IP: 10.10.20.1


    Thanks in advance.
     
    , May 18, 2006
    #1
    1. Advertising

  2. In article <>,
    <> wrote:
    >We´ve got a cisco pix 506 firewall at our main office and a pix 501 at
    >another branch office. I want to connect these two to each other using
    >the 506 as an easy vpn server, so that it seems like the clients at the
    >branch office are in the same network as the main office.


    How important is it that they appear to be on the same network?
    It is much easier to set up if they appear to be on different networks.

    Since the PIX 501 and PIX 506 are only Layer 3 firewalls at
    present, you aren't going to get ARP or NETBIOS broadcasts through
    the VPN, so they aren't really going to appear to be on the same
    network anyhow.

    If you need Layer 2 Transparent VPN then you need PIX 515/515E,
    525, 535, or a Cisco ASA; alternately, some of the newer Cisco IOS
    versions support it (and on IOS versions that don't, there's always gre
    encapsulation.)
     
    Walter Roberson, May 18, 2006
    #2
    1. Advertising

  3. Rob Guest

    Have you got a server at the main office? If so, setup an ipsec tunnel
    between the offices and log people onto your domain. You don't need the easy
    vpn server and the pix units will do fine.


    <> wrote in message
    news:...
    Hi.

    We´ve got a cisco pix 506 firewall at our main office and a pix 501 at
    another branch office. I want to connect these two to each other using
    the 506 as an easy vpn server, so that it seems like the clients at the
    branch office are in the same network as the main office. It probably
    isn't that hard, but since I'm kinda new to this I would like some
    guidance.


    The IP numbers are modified, but the firewalls are setup kinda like
    this:

    Main office:
    Cisco pix 506 with static external IP: 209.165.201.8
    Inside IP: 10.10.10.7

    Branch office:
    Cisxo pix 501 with static external IP: 209.165.200.229
    Inside IP: 10.10.20.1


    Thanks in advance.
     
    Rob, May 19, 2006
    #3
  4. Guest

    Well, I guess it isn't very important that they appear to be on the
    same network. Just as long as the users at the branch office can access
    files on the server at the main office, and vice versa.

    Yes Rob, we've got servers at both locations, both are in the same
    domain. So all users will log on to the same domain. What I want to
    achieve here is being able to control all servers from one location,
    including shared folders, users etc. I want to be able to see all the
    users when I look in active directory on the main office server,
    including the ones that are sitting at the branch office. I guess I
    would have to replicate the users database from the branch office
    server to do this? Will this ipsec tunnel allow me to do all this?
     
    , May 22, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brian
    Replies:
    1
    Views:
    586
    Brian
    Jul 18, 2004
  2. Fwed

    VPN pix 506 - 501 fall down

    Fwed, Aug 30, 2005, in forum: Cisco
    Replies:
    0
    Views:
    475
  3. Fwed
    Replies:
    5
    Views:
    815
  4. Silvan Jappert

    Pix 506 & 501 site-to-site VPN question.

    Silvan Jappert, May 1, 2006, in forum: Cisco
    Replies:
    4
    Views:
    3,713
    Silvan Jappert
    May 4, 2006
  5. Jay
    Replies:
    7
    Views:
    985
Loading...

Share This Page