From: Clay Maney (clay@pronettech.com)
Date: Tue May 25 2004 - 23:05:35 GMT-3
If you're not using a Cisco device for the DSL router, make sure
you configure the PIX side with something like:
isakmp key <preshared-key> address 0.0.0.0 netmask 0.0.0.0 no-xauth no-config-mode
(the no-xauth and no-config-mode seem to be necessary for interoperability
with non-Cisco VPN's.) At least, I know I've had to put the no-xauth in there,
because otherwise isakmp doesn't come up and says "AUTH" as the state because
it's waiting for xauth.
The downside to this is that you're just protected by a pre-shared key so
you'd better make it a good one.
Obviously, that's a partial config, but there's lots of configuration
examples on CCO that show how to do this. My preference for you would
be a Cisco DSL box, then a (current) Linksys, and then a Sonic Wall.
Good luck,
Clay
On Tue, May 25, 2004 at 11:55:50AM -0700, mo ddin wrote:
> Hi Group,
>
> Sorry for OT :
>
>
> I am looking IPSEC VPN solution between DSL router (sonic wall, lincksys or Cisco) to pix515. DSL router gets one dynamic IP address. Any one has experience creating VPN tunnel between DSL router and pix 515?
>
>
>
> Please share your experience.
>
>
> Thanks
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Friends. Fun. Try the all-new Yahoo! Messenger
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:17 GMT-3