PIX 515 vpn site-2-site -> Linux

Discussion in 'Cisco' started by colin, Jul 9, 2005.

  1. colin

    colin Guest

    Hi NG,

    i need some help on a vpn site-2-site connection bedween my pix and a linux
    box. I'pretty new to networking and cisco pix since i had to take over
    someones job since yesterday!
    i've been looking at the pix manual, it tells me to insert following with a
    pix-2-pix vpn tunnel:

    crypto ipsec transform-set strong ESP-DES-MD5 esp-des esp-md5-hmac
    access-list ACL_NAME permit ip IPADRESS 255.255.255.0 IPADRESS 255.255.255.0
    nat 0 access-list ACL_NAME
    nat (inside) 1 0 0
    global (outside) 1 IP_Start-IP_END
    global (outside) 1 PAT_IPs_Adr
    crypto map outside_map 40 ipsec-isakmp
    crypto map outside_map 40 match address 90
    crypto map outside_map 40 set transform-set strong
    crypto map outside_map 40 set peer IP_ADRESS
    crypto map outside_map interface outside
    sysopt connection permit-ipsec

    now what i got is following information of my gateway:

    IP Adress of gateway
    IP Adress of what ip's will be on the other side
    ike=3des-md5-mod1024
    esp=3des-md5
    keylife times

    is this to be configured like pix-to-pix config? what if a sh ver of the pix
    shows
    VPN-3DES-AES: Disabled
    he wants to use 3des and my pix does not support 3des right? i'm just a bit
    lost, so any help is welcome.

    thank ya
    colin
     
    colin, Jul 9, 2005
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.