VPN PIX-_static PIX ; PIX-dynamic_PIX ; VPN Client

Discussion in 'Cisco' started by Svenn, Mar 10, 2006.

  1. Svenn

    Svenn Guest

    Hello !
    Anyone has a equal Konfiguration ?
    - one pix-pix static vpn tunnel
    - one pix-pix static vpn tunnel
    - one pix-pix dynamic ip
    - Cisco VPN Client
    How do i add a crypto map for the Cisco VPN Client without to destroy
    the existing VPN-Tunnels ?

    Thats (the important part) of my configuration. The access-lists and
    the other commands are no problem for me ;)
    .....
    sysopt connection permit-ipsec
    crypto ipsec transform-set very_strong_set esp-3des esp-md5-hmac
    crypto ipsec transform-set vpn_client_set1 esp-aes-256 esp-sha-hmac
    crypto dynamic-map dynamic_to_pl 10 match address acl_to_pl
    crypto dynamic-map dynamic_to_pl 10 set transform-set very_strong_set
    crypto map zentrale 10 ipsec-isakmp
    crypto map zentrale 10 match address acl_to_berlin
    crypto map zentrale 10 set peer pix-berlin
    crypto map zentrale 10 set transform-set very_strong_set
    crypto map zentrale 20 ipsec-isakmp
    crypto map zentrale 20 match address acl_to_munich
    crypto map zentrale 20 set peer pix-munich
    crypto map zentrale 20 set transform-set very_strong_set
    crypto map zentrale 30 ipsec-isakmp dynamic dynamic_to_pl
    crypto map zentrale interface outside
    isakmp enable outside
    isakmp key ******** address pix-berlin netmask 255.255.255.255 no-xauth
    no-config-mode
    isakmp key ******** address pix-munich netmask 255.255.255.255 no-xauth
    no-config-mode
    isakmp key ******** address 0.0.0.0 netmask 0.0.0.0 no-xauth
    no-config-mode
    isakmp identity address
    isakmp policy 10 authentication pre-share
    isakmp policy 10 encryption 3des
    isakmp policy 10 hash md5
    isakmp policy 10 group 1
    isakmp policy 10 lifetime 86400
    .....
     
    Svenn, Mar 10, 2006
    #1

    1. Advertisements

  2. Svenn

    Merv Guest

    Merv, Mar 11, 2006
    #2

    1. Advertisements

  3. Svenn

    Walter Roberson Guest

    Please quote context.
    You posted a reference to an IOS feature when the original poster
    was asking about PIX configuration.

    The PIX configuration posted by the original poster appears to be PIX 6
    (probably PIX 6.3), which does not have any kind of isakmp profiles.
     
    Walter Roberson, Mar 11, 2006
    #3
  4. Svenn

    Svenn Guest

    Thats right , we are using a PIX 6.3(4).
     
    Svenn, Mar 13, 2006
    #4

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. PIX to VPN Client, cannot Access Client

  2. Help with Cisco VPN client 4.0.1 (and 4.0.3) - The VPN client could not find the adapters GUID

  3. PIX to PIX VPN and VPN Client to PIX Config Example?

  4. Pix-to-Pix and Client-to-Pix VPN

  5. PIX 501 VPN client to VPN client connections

  6. PIX VPN client-to-client routing: clever ways?

  7. Cisco VPN client OK - Checkpoint VPN client not OK

Loading...