connecting a Cisco 2610 to a Cisco PIX Firewall

Discussion in 'Cisco' started by paul, Nov 10, 2003.

  1. paul

    paul Guest

    I need assistance with a configuration.

    I have a cisco 2610 router in the office here.
    I need to connect to a customers site over our ADSL using a 3DES VPN.

    Our customer has a PIX515 Firewall and needs me to give him a
    configuration to paste onto the firewall.

    I have never set up a PIX515 before.
    We have a number of router to router VPNs set up but none to a
    firewall.

    Any config advice would be appreciated.
    Preferably something I could just ammend with the relevant IP
    Addresses and paste onto the PIX and router

    Thanks
     
    paul, Nov 10, 2003
    #1
    1. Advertisements

  2. paul

    Peter Rowe Guest

    For a Pix 501 I have used:-

    access-list site-to-site permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (this is to encrypt the traffic from site-to-site)
    access-list noNAT permit ip PIXIP PIXMASK YOURSITEIP YOURMASK (This is your NAT Exception for the VPN Traffic)

    nat (inside) 0 access-list noNAT
    sysopt connection permit-ipsec
    crypto ipsec transform-set prop1 esp-des esp-md5-hmac
    crypto map my-map 20 ipsec-isakmp
    crypto map my-map 20 match address site-to-site
    crypto map my-map 20 set peer YOURIP
    crypto map my-map 20 set transform-set prop1

    isakmp enable outside
    isakmp key ******** address YOURROUTER netmask 255.255.255.255 no-xauth no-config-

    isakmp policy 25 authentication pre-share
    isakmp policy 25 encryption des
    isakmp policy 25 hash md5
    isakmp policy 25 group 2
    isakmp policy 25 lifetime 86400

    Also rememer that the access list on the Router must have IP Permit commands to allow traffic from the PIX Private side (which is unusual if you are used to router-router VPN's!)

    Regards
    Peter.


    I need assistance with a configuration.

    I have a cisco 2610 router in the office here.
    I need to connect to a customers site over our ADSL using a 3DES VPN.

    Our customer has a PIX515 Firewall and needs me to give him a
    configuration to paste onto the firewall.

    I have never set up a PIX515 before.
    We have a number of router to router VPNs set up but none to a
    firewall.

    Any config advice would be appreciated.
    Preferably something I could just ammend with the relevant IP
    Addresses and paste onto the PIX and router

    Thanks
     
    Peter Rowe, Nov 10, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.