
Cisco PIX and multiple VPN


Archived from groups: comp.security.firewalls

 

Hi Guys,

My company needs to implement multiple VPN channels. We have Cisco PIX-515.
We have configured 2 VPN channels but both are ended also on PIX firewall
appliances.
The new need may address even up to 100 VPN connections.

My first doubt - is it possible to configure PIX to support so many VPN
connections without configuring each one-by-one? RADIUS server inside...
some kind of Easy VPN server...?

Second doubt - is it possible to configure those VPN channels from
non-Cisco-based-IOS (routers, other PIXes) or Cisco VPN clients, for ex.
small VPN routers from D-Link, Linksys, Arlotto, etc...? And authenticate
them automatically as mentioned in my first doubt - preshared key, digital
cert, RADIUS?

Thanks for any suggestions,
aslom


On 2005-09-27, aslom <aslom@paytel.nospa_m.pl> blabbed:
> My first doubt - is it possible to configure PIX to support so many VPN

Yes, we currently have the better part of 50 or so on a pix 515. The
cpu usage is currently sitting at about 15-30%. If you were going to
get into the 100 vpn range I'd suggest monitoring the traffic carefully
on the 515 and perhaps going up to a 525. It would depend how heavy the
traffic load is going to be. Another thing you need to look into is a
failover configuration if you're getting into that many hosts and you
need any serious degree of reliability.

Reply to shadus


second question:

You should be able to connect to any other device that supports IPsec. Cisco to Linux and FreeBSD works just fine.
--
jbeasley@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org

Reply to Anonymous

Definitely use the RADIUS server.. enhanced security with it.

Cisco = security by obscurity. Not so much, but it's not something everyone knows, making it harder to hack.

Reply to riser

I'm not really a pro in this area, but shouldn't you use a VPN Concentrator for this?

I took some study in Cisco FNS. I remember that 515 handles 100 connections maximum; upgrading to 525 could be your best choice.

Reply to PlutoDelic

We're using our Concentrator which is the general way to go about it.

I'm familiar in terms with Cisco but I don't work hands on with it and I didn't bother looking up his equipment to find out the setup.

With what he offered, I gave a potential solution.

I think it's Microsoft ISA server for security over the RADIUS these days.

But yeah, the concentrator would be the best route to go.

Reply to riser

> But yeah, the concentrator would be the best route to go.

Yeah, that's exactly what I meant.

Try to find the Cisco CSVPN curriculum; all the commands and stuff of the Concentrator are inside.

Reply to PlutoDelic