VPN on Pix501 6.1(4)

Discussion in 'Cisco' started by adrien_t@hotmail.com, Feb 19, 2005.

  1. Guest

    I am trying to set up a VPN on my PIX 501 which is running 6.1(4) with
    PDM 1.1(2) (no vpn wizard). What commands should I send to get this set
    up?

    My Config is
    Building configuration...
    : Saved
    :
    PIX Version 6.1(4)
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password <...> encrypted
    passwd <...> encrypted
    hostname pixfirewall
    domain-name pix.firewall
    fixup protocol ftp 21
    fixup protocol http 80
    fixup protocol h323 1720
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol sip 5060
    fixup protocol skinny 2000
    names
    access-list 101 permit icmp any any echo-reply
    access-list 101 permit icmp any any unreachable
    access-list 101 permit icmp any any source-quench
    access-list 101 permit icmp any any traceroute
    access-list 101 permit icmp any any time-exceeded
    pager lines 24
    logging on
    logging buffered errors
    logging trap notifications
    interface ethernet0 10baset
    interface ethernet1 10full
    mtu outside 1500
    mtu inside 1500
    ip address outside 64.140.81.226 255.255.255.224
    ip address inside 192.168.1.1 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location 192.168.1.50 255.255.255.255 inside
    pdm location 192.165.1.2 255.255.255.255 inside
    pdm location 192.165.1.0 255.255.255.0 inside
    pdm location 64.140.81.226 255.255.255.255 outside
    pdm location 192.168.1.243 255.255.255.255 inside
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) tcp interface www 192.168.1.243 www netmask
    255.255.255.255 0 0
    static (inside,outside) tcp interface 8080 192.168.1.243 8080 netmask
    255.255.255.255 0 0
    access-group 101 in interface outside
    route outside 0.0.0.0 0.0.0.0 64.140.81.225 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
    0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    no sysopt route dnat
    telnet timeout 5
    ssh timeout 5
    dhcpd address 192.168.1.25-192.168.1.56 inside
    dhcpd dns 64.140.81.231 170.147.45.165
    dhcpd lease 3600
    dhcpd ping_timeout 750
    dhcpd auto_config outside
    dhcpd enable inside
    terminal width 80
    Cryptochecksum:165f5e29369450e5da581ea6eb1c6a16
    : end
    [OK]
    , Feb 19, 2005
    #1
    1. Advertising

  2. In article <>,
    <> wrote:
    :I am trying to set up a VPN on my PIX 501 which is running 6.1(4) with
    :pDM 1.1(2) (no vpn wizard). What commands should I send to get this set
    :up?

    Have you RTFM ? The PIX documentation has an entire manual devoted
    to such matters.

    Your configuration contains nothing so far related to VPNs, and you have
    not given us any information as to whether you need the VPN to
    be incoming or outgoing, and whether you need it to be for PPTP
    or IPSec, and if IPSec whether you want to use pure IPSec or want
    to use EzVPN.
    --
    Ceci, ce n'est pas une idée.
    Walter Roberson, Feb 19, 2005
    #2
    1. Advertising

  3. Guest

    I have tried following the instructions on Cisco.com and have failed so
    I have removed the VPN entries for now. I am looking to set the PIX to
    recieve VPN requests from Microsoft VPN software so I can connect from
    home. I think that means I need it to be PPTP. I have gotten ahold of
    some manuals for the 501 but they are all for later versions of the
    firmware (I am running 6.1(4) with PDM version 1.1)
    , Feb 19, 2005
    #3
  4. Walter Roberson, Feb 19, 2005
    #4
  5. Regardless of RTFM'ing, do yourself a favor and upgrade to 6.3.4 and the
    corresponding PDM version (3.01?). The VPN Wizard is actually very good.




    On 02/19/2005 05:05 PM, in article cv8d83$n0d$,
    "Walter Roberson" <-cnrc.gc.ca> wrote:

    > In article <>,
    > <> wrote:
    > : I have gotten ahold of
    > :some manuals for the 501 but they are all for later versions of the
    > :firmware (I am running 6.1(4) with PDM version 1.1)
    >
    >

    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_61/index.ht>
    m
    Brant I. Stevens, Feb 19, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rik Bain

    Re: Pix501 VPN Woes - help needed

    Rik Bain, Jul 11, 2003, in forum: Cisco
    Replies:
    1
    Views:
    1,264
    Ian Easson
    Jul 16, 2003
  2. Greg
    Replies:
    0
    Views:
    450
  3. News Free

    How to nat before vpn with pix501

    News Free, Nov 5, 2003, in forum: Cisco
    Replies:
    1
    Views:
    1,882
    Walter Roberson
    Nov 7, 2003
  4. Søren Hansen

    Easy VPN on PIX501

    Søren Hansen, Nov 7, 2003, in forum: Cisco
    Replies:
    1
    Views:
    408
    Walter Roberson
    Nov 7, 2003
  5. Tom
    Replies:
    4
    Views:
    668
Loading...

Share This Page