FirewallWizards
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [fw-wiz] Need help configuring client-side VPN to Cisco 2801

from [Mike Leone] [Permanent Link][Original]
To: Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Subject: Re: [fw-wiz] Need help configuring client-side VPN to Cisco 2801
From: Mike Leone <turgon@mike-leone.com>
Date: Fri, 16 Feb 2007 13:44:00 -0500
Delivered-to: sp-com-lists@consult.net
Delivered-to: fwwizards-list2@consult.net
Delivered-to: firewall-wizards@listserv.icsalabs.com
In-reply-to: <002401c751e1$879d4170$3400300a@ad.priorityhealth.com>
List-archive: <https://listserv.icsalabs.com/pipermail/firewall-wizards>
List-help: <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=help>
List-id: Firewall Wizards Security Mailing List <firewall-wizards.listserv.icsalabs.com>
List-post: <mailto:firewall-wizards@listserv.icsalabs.com>
List-subscribe: <https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=subscribe>
List-unsubscribe: <https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=unsubscribe>
References: <45D2644B.3090607@mike-leone.com> <002401c751e1$879d4170$3400300a@ad.priorityhealth.com>
Reply-to: turgon@mike-leone.com, Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Sender: firewall-wizards-bounces@listserv.icsalabs.com
User-agent: Mutt/1.5.13 (2006-08-11) 
Paul Melson (pmelson@gmail.com) had this to say on 02/16/07 at 11:50: 
> > crypto isakmp client configuration group VPN3000
> >   key ******
> >   dns 192.168.1.9 192.168.1.241
> >   wins 192.168.1.39
> >   domain mycompany.com
> >   pool contrib
> > !
> >
> > ip local pool contrib 172.16.1.1 172.16.1.255 crypto map VPN 999
> ipsec-isakmp dynamic DYNAMICMAP 
> 
> Should be:
> 
> crypto isakmp client configuration group VPN3000
>   key ******
>   acl 120
>   dns 192.168.1.9 192.168.1.241
>   wins 192.168.1.39
>   domain mycompany.com
>   pool contrib
> !
> 
> ip local pool contrib 172.16.1.1 172.16.1.255 crypto map VPN 999
> ipsec-isakmp dynamic DYNAMICMAP 
> access-list 100 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
> access-list 120 permit ip 192.168.1.0 0.0.0.255 any

Thanks; I will try that. The boss says no changes allowed during working
hours (M-Sat, 7-7), so it may be a little bit until I can test this.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [fw-wiz] PIX stateful failover and separate external circuits, Florin Andrei
Next by Date:  Re: [fw-wiz] incoming NAT/PATs for VPN users, James
Previous by Thread:  Re: [fw-wiz] Need help configuring client-side VPN to Cisco 2801, Paul Melson
Next by Thread:  Re: [fw-wiz] PIX stateful failover and separate external circuits, Paul Murphy
Indexes:  [Date] [Thread] [Top] [All Lists]