Re: [fw-wiz] Pix VPN endpoint and split-tunnel

From: Victor Williams (vbwilliams_at_neb.rr.com)
Date: 10/14/05

  • Next message: Paul Melson: "RE: [fw-wiz] Pix VPN endpoint and split-tunnel" 
    To: Paul Melson <pmelson@gmail.com>
Date: Thu, 13 Oct 2005 22:50:24 -0500

    I might add though that at least with the ASA 5520 (the closest thing to
    a PIX 515E unrestricted) you will it about $300 more than the PIX...and
    you get OS 7 (with more stuff than is available on the PIX OS 7) and gig
    copper interfaces everywhere.

    To answer the original question, although I haven't tried it yet, I
    believe the ASA units will do what you want.

    Lastly, if you're going to go the ASA route, let the OS mature for at
    least a nother general deployment release before you implement. The
    most current version is just full of bugs and annoyances.

    Paul Melson wrote:
    > -----Original Message-----
    > Subject: RE: [fw-wiz] Pix VPN endpoint and split-tunnel
    >
    >
    >>That's pretty much what I read. I thought they may have provided a fix by
    >
    > now. As for
    >
    >>the workarounds, this is for a business partner network and I've already
    >
    > presented them
    >
    >>with the "spend" option and they don't want to.
    >>
    >>Another reply I got here from Simon expressed the possibility that PIX 7.x
    >
    > supports
    >
    >>this. (split horizon?)
    >
    >
    > RIPv2 (and therefore split horizon routing) are available as part of Cisco
    > ASA 7.0. It's my understanding that this is actually an adaptation of the
    > VPN3K software. But unless something has changed recently, this software
    > will only work on the ASA 5500 models, which will still cost your business
    > partner money. Sorry, no free lunch for them.
    >
    > PaulM
    >
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Paul Melson: "RE: [fw-wiz] Pix VPN endpoint and split-tunnel"

    Relevant Pages

    • Re: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewalls
      ... I just spoke with a Cisco sales rep about this. ... > Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure ... > least out of scope features, ...
      (Firewall-Wizards)
    • Re: [fw-wiz] Pix VPN endpoint and split-tunnel
      ... > ASA 7.0. ... > VPN3K software. ... It requires a memory upgrade, but you can upgrade a 5xx series ... PIX to version 7.x of the PIX OS. ...
      (Firewall-Wizards)
    • Re: VPN from my PC to work through ASA
      ... I am trying to connect remotely via VPN to this Cisco Pix, however, I ... think the ASA is not allowing this. ...
      (comp.dcom.sys.cisco)
    • Difference between PIX and ASA
      ... can someone explain me the differnces between a PIX and an ASA, especial a PIX 515E/R and an ASA 5510 plus. ... I have the problem to combine and expand our PIX based network with a watchguard and soho-router based network. ... In the first step i will replace the 2port Watchguard on the other mainoffice with a PIX or ASA with minimal 3 NICs to implement among other things a DMZ, site-to-site VPN and the possibility for the use of the Cisco VPN-Client. ...
      (comp.dcom.sys.cisco)
    • Re: VPN from my PC to work through ASA
      ... I am trying to connect remotely via VPN to this Cisco Pix, however, I ... think the ASA is not allowing this. ...
      (comp.dcom.sys.cisco)