Question : Problem: Whats best to use at the client end?

Hi

I have a PIX515 firewall installed at my site in England. I wish to provide VPN access to two sites in Germany and Denmark. I am going to install the necessary software on the PIX to allow VPN connections. My question is what is the best option for the other sites. One is a single user with broadband connection and static IP address. The other has three users with a broadband connection and dynamic IP address. What is the best set-up at my end, preshared keys or CA. I have read lots of Cisco stuff on VPNs and PIX and although I understand it I have not found an example that is similiar to my set-up.

It is very important to me to get this working ASAP therefore 500 points are on offer.

Regards John

Answer : Problem: Whats best to use at the client end?

Peer address on your pix would be the public ip of the router, there's no way around that.

your vpn trigger acl would look like this:

access-list 101 permit ip 192.168.172.0 255.255.255.0
Random Solutions  
 
programming4us programming4us