Question : Problem: Whats best to use at the client end?

Hi

I have a PIX515 firewall installed at my site in England. I wish to provide VPN access to two sites in Germany and Denmark. I am going to install the necessary software on the PIX to allow VPN connections. My question is what is the best option for the other sites. One is a single user with broadband connection and static IP address. The other has three users with a broadband connection and dynamic IP address. What is the best set-up at my end, preshared keys or CA. I have read lots of Cisco stuff on VPNs and PIX and although I understand it I have not found an example that is similiar to my set-up.

It is very important to me to get this working ASAP therefore 500 points are on offer.

Regards John

Answer : Problem: Whats best to use at the client end?

Peer address on your pix would be the public ip of the router, there's no way around that.

your vpn trigger acl would look like this:

access-list 101 permit ip 192.168.172.0 255.255.255.0

Random Solutions

Problem: Synching 2 Blackberry Address books.

Problem: SATA Harddisk is not detected

Problem: USB protected and locked

Problem: No sound - first partially w/embedded audio files, then totally, after downloading new soundmax driver

Problem: Keep getting prompted that Quick Time is out of date

Problem: HELP! No sound. There's ONE yellow exclamation point in my Device Manager...

Problem: How do I back up groupwise server without shutting down services?

Problem: Help using a Compaq Storageworks 4300 SAN

Problem: Dead Toshiba Qosmio F10

Problem: LCD TV vs LCD Monitor