freddotcom
Vendor
Hi
I´v got a Pix 506 (6.1) that I´m going to use as firewall / VPN box for a small company. I want the PIX to handle all vpn authentification itself, and we need to have five different vpn useraccounts on the Pix. (client to Pix, Vpnclient 3.5.)
Internal users should be able to access anything they want to on the internet, and vpn users should be able to access anything the want on the internal network.
If possible, it would nice if the vpnclients could access the internet as well, but I guess thats only possible by split-tunnel or a proxy on the inside and that´s out of the question.
I´v figured out how to configure the Pix so that all internal users can access the internet, the big problem is the configuration of vpn, I can't find any good documentation that clears everything out. Should I go with vpdn or vpngroup or something else? Would be glad if someone could point me in the right direction or post a config for me. If any of this is´nt possible, or you got any other suggestions please tell me.
Thanks in advance
Kind Regards Fred
Sweden
I´v got a Pix 506 (6.1) that I´m going to use as firewall / VPN box for a small company. I want the PIX to handle all vpn authentification itself, and we need to have five different vpn useraccounts on the Pix. (client to Pix, Vpnclient 3.5.)
Internal users should be able to access anything they want to on the internet, and vpn users should be able to access anything the want on the internal network.
If possible, it would nice if the vpnclients could access the internet as well, but I guess thats only possible by split-tunnel or a proxy on the inside and that´s out of the question.
I´v figured out how to configure the Pix so that all internal users can access the internet, the big problem is the configuration of vpn, I can't find any good documentation that clears everything out. Should I go with vpdn or vpngroup or something else? Would be glad if someone could point me in the right direction or post a config for me. If any of this is´nt possible, or you got any other suggestions please tell me.
Thanks in advance
Kind Regards Fred
Sweden