Saturday, December 24, 2011

How do you connect 2 remote sites together using a Cisco PIX site-to-site VPN?

I have 2 locations connected to my PIX using IPSEC VPN. I need the two locations to talk to each other (using 4 digit dialing UDP).


How do I get the remote locations to talk to each other? New IPSEC rules at each location? Simple routing (I've tried)?





|||Just so you know, the Cisco PIX has reached end of life status with Cisco. There are newer solutions available from Cisco.





Site-to-site VPN relies on the appliances negotiating server/client status as well as authentication. Can the machines ping one another? If so, go ahead and try and send over the authentication to the endpoint and use a packet capture to try and verify the headers and authentication data are right. Are both set up properly?





If you want more flexibility, I'd probably recommend a Linksys (made by Cisco) brand router running DD-WRT open source firmware. There are VPN versions that allow for point-to-point VPN over WAN. The router can also function as a VPN server for your LAN. In addition, add-ons such as Snort allow you to further increase the security.





If there is connectivity, then there's probably a misconfiguration in your appliance. You'd need to check your settings and refer to the user manual.
