PIX Remote Access VPN & Authentication?

Status
Not open for further replies.

tdoma

IS-IT--Management
Aug 13, 2003
94
US
I am in the process of implementing (1st implementation for me) a PIX 515E based Remote Access VPN solution for our office. I wanted to find out from the group: when using PDM 3.0 to configure VPN, there is an option for preshared keys and certificates. What are preshared keys? Is it a password I can just create myself (Pre-shared key (Group Password)) or do I have to get it from somewhere else?
My next issue/question is I would like to use a Windows 2000 Domain Controller to authenticate the users who connect through the PIX VPN. I am looking for some documentation that will show me how to accomplish this.
 
Hi,

Just configure your Windows 2000 RADIUS server (Internet Authentication Server) to connect to the PIX (it needs just the IP number of the PIX + a password). Then use the PDM VPN wizard to set up remote access VPN using PPTP (straightforward - no extras needed). Tell the PIX to use the RADIUS server (IP number) for authentication (system properties/AAA). Give it the same password you configured the RADIUS server with. Your remote clients can use the standard Windows 2000/XP VPN software (no extra configuration needed, just use the Windows VPN wizard). You are done.
 
Hi Fritjof,

I am just starting to get ready to configure my PIX (515E) for VPN access and noticed your post. The scenario you describe sounds pretty appealing; however, I would like more configuration details, especially considering I don't use PDM and prefer the command line. I am running W2K3, all clients are XP and I was going to use the Cisco VPN client; however, if what you describe is workable in my situation I may re-assess. I currently don't have IAS installed but could do it quite easily on the domain controller.

Thanks,

Loyalist
 
Hi Loyalist,

I am running a 506e with VPN. I never could get a W2k3 server to work as my Radius server. I finally had to use a W2k server for this. Everything works great, even with the Cisco client, except I can't see the Radius server once I'm authenticated by it. There are posts here that walk you through step by step how to set everything up. Anyway, hope this helps.
 