[vpn] vpn question

Jose Muniz jmuniz at loudcloud.com
Thu Jan 24 19:36:57 EST 2002


unmanageable, this is true with full mesh as well...


Jose.

"Qian, Roger" wrote:

> Thanks Dana.
>
> You said, the PIX is better for site to site VPN's than for remote client
> VPN's. Could you please tell me why?
> Currently we're using Microsoft NT RRAS VPN server, and are going to have a
> PIX 515 UR firewall with VPN 3DES license.
>
> Thanks again for your time.
>
> Roger
>
> -----Original Message-----
> From: Dana J. Dawson [mailto:djdawso at qwest.com]
> Sent: Wednesday, January 23, 2002 6:03 PM
> To: vpn at securityfocus.com
> Subject: Re: [vpn] vpn question
>
> "Qian, Roger" wrote:
> >
> > Has someone used CISCO PIX firewall built-in VPN function?
> > Thanks.
> > Roger
>
> I've configured PIX's to do both site-to-site and remote client VPN's.
> They're
> very much like Cisco routers to configure, both in terms of the commands you
> use
> and the amount of work it takes to get things working.  The biggest
> challenge
> with setting up VPN's in the routers and PIX's is getting all the various
> command parameters correct that have to match between the peers.  You
> frequently
> end up spending more time doing a "stare and compare" than you do putting in
> the
> actual configuration.  As is the case with the routers, the PIX is better
> for
> site-to-site VPN's than for remote client VPN's.
>
> HTH
>
> Dana
>
> --
> Dana J. Dawson                     djdawso at qwest.com
> Senior Staff Engineer              CCIE #1937
> Qwest Global Services              (612) 664-3364
> Qwest Communications               (612) 664-4779 (FAX)
> 600 Stinson Blvd., Suite 1S
> Minneapolis  MN  55413-2620
>
> "Hard is where the money is."
>
> VPN is sponsored by SecurityFocus.com
>
> VPN is sponsored by SecurityFocus.com

--
Jose Muniz
Network Engineering
Loudcloud, Inc.
(408)744-7583 Direct
page-jmuniz at loudcloud.com
-------------------------
http://www.loudcloud.com



VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list