Cisco VPN Client, PIX and EasyConnect are in a bar...

Daniel333Daniel333 Member Posts: 2,077 ■■■■■■□□□□
in Off-Topic
So I had a customer call in for support, he purchased a Vista Home Premium x64 laptop and wanted to be able to VPN to his office. Seemed easy enough, went to install Cisco VPN 5. Error...

Turns out Cisco VPN doesn't support x64 versions of XP and they want you to use something called AnyConnect. So now I discover AnyConnect doesn't support PIX 506e.

Any free recommendations? Have I missed something? The client is just a 4 person shop and buying an ASA is out of the question.
-Daniel
· Share on FacebookShare on Twitter

Comments

  • TechJunkyTechJunky Member Posts: 881
    Are you unable to use the windows VPN client for some reason? I use Vista Ultimate on my 64bit box and VPN into work all the time.

    We are using a 500 series pix here as well. We will be moving to a 5505 ASA soon.
    · Share on FacebookShare on Twitter
  • jibbajabbajibbajabba Member Posts: 4,317 ■■■■■■■■□□
    We use for all our VPN needs Draytek ...

    So basically no software VPN clients, but the build in VPN client in the Draytek router ..
    My own knowledge base made public: http://open902.com :p
    · Share on FacebookShare on Twitter
  • Daniel333Daniel333 Member Posts: 2,077 ■■■■■■□□□□
    Well, we don't use the Windows one simply because the PIX was not set up that way. I would have to escalate for changes to a PIX, and the client would be charged quite a lot.

    It's really what it's coming down to though.
    -Daniel
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    If the PIX is not configured to allow the Windows VPN client to connect then as you said, they're probably stuck. There are some 3rd party VPN clients available but I've no idea if they'll work and it will mean lots of configuration and testing anyway.
    · Share on FacebookShare on Twitter
  • AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    Windows to PIX with the native windows client requires L2TP/IPsec so yup you'd need a config change. Anyconnect is SSL based and needs 8.x software, which as you found the 506 can't run (being able to download it through a web browser from the firewall itself is a nice feature though). If nothing else and they're willing to bite the cost of an extra OS license you can install VMWare server, make an XP 32 bit image with the VPN client installed, get the customer to install VMWare player on Vista and run your image bridged through. It's a pretty awkward way to get it running though obviously but it will work.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    OpenVPN might be able to do it but it'd still probably be easier to just change the PIX config.
    · Share on FacebookShare on Twitter
  • bighornsheepbighornsheep Member Posts: 1,506
    This is a long shot, but do they have any routers that could run IOS SSL VPN? IOS SSL Data Sheet IOS SSL Feature Guide Perhaps justify the need for upgrading to one and replace current router + PIX506?

    The cheapest fix/solution is probably to get the user to go back to a 32bit Windows, 4 person shop, ASA upgrade out of the question, all other workarounds will involve some hardware/software changes that likely cost more than the ~100 dollar Windows XP 32bit Pro licence.
    Jack of all trades, master of none
    · Share on FacebookShare on Twitter
Sign In or Register to comment.