anyone help me out for VPN please

Joseph Shepherd ksjoecho at yahoo.com
Tue Jan 18 15:52:00 CST 2005 

Gerald,
 
I don't have much knowledge about this PIX.
I got this box this weekend from ebay.
 
so I am so excited about this stuff.
on the other hand, I am so stressed about this.
since I spent $350.00 for this.
 
Don't assume that I know anything about PIX.
I'm just learning about this.
What does that mean?
 
"allow inbound mail, web, DNS, FTP, and RADIUS connections, and bone just
about everything else, including the PATed replies coming back in to .5? "
 
 
First, do I need to set up Server for authenticaion.
I assume that windows 2003 server will authenticate the network access since windows 2003 server has a user name and password, Right?
 
If I need to set up server for authentication, what would that be?
any CD required?
while I was researching the web all day, I found that there was a comment
like "Installing CiscoSecure ACS for Windows 2000/NT"
Does it really need for creating VPN access from outside to inside network.
 
All I want is that I would like to have access this server from outside using Cisco PIX 501 VPN.
If you add something, it would be really helpful.
 
 
Thanks!
 
 
 
 


Gerald Combs <gerald at ethereal.com> wrote:
Joseph Shepherd wrote:

> --> Router -> Cisco PIX 501 -> Windows 2003 Standard ( 192.168.1.3)
> -> Windows XP (192.168.1.5)
> Two computer is connected directly to PIX 501.
> 
> only 192.168.1.3 can access to internet outside.
> not 192.168.1.5.

I'm a little rusty on the PIX, but don't access lists have an implicit
"deny" at the end? If so, wouldn't

> access-list outside_access_in permit tcp any host 67.53.24.194 eq smtp
> access-list outside_access_in permit tcp any host 67.53.24.194 eq www
> access-list outside_access_in permit tcp any host 67.53.24.194 eq domain
> access-list outside_access_in permit tcp any host 67.53.24.194 eq ftp
> access-list outside_access_in permit tcp any host 67.53.24.194 eq 1812
> access-list outside_access_in permit tcp any host 67.53.24.194 eq 1813
> access-list outside_access_in permit udp any any eq domain
[ implied: deny ip any any ]

in conjunction with

> access-group outside_access_in in interface outside

allow inbound mail, web, DNS, FTP, and RADIUS connections, and bone just
about everything else, including the PATed replies coming back in to .5?
_______________________________________________
Kclug mailing list
Kclug at kclug.org
http://kclug.org/mailman/listinfo/kclug



Joseph Sheperd
ksjoecho at yahoo.com
I like the dreams of the future better than the history of the past.  
--Thomas Jefferson







		
---------------------------------
Do you Yahoo!?
 Yahoo! Mail - You care about security. So do we.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kclug.org/pipermail/kclug/attachments/20050118/3b838098/attachment-0002.htm

More information about the Kclug mailing list