Cisco PIX Firewall supports the same IPSec tunnel mode client supported by Internetwork Operating System (IOS), which is licensed from Information Resource Engineering (IRE). Layer 2 Tunneling Protocol (L2TP) is not currently supported by Cisco PIX Firewall, but Point-to-Point Tunneling Protocol (PPTP) is supported in PIX version 5.1 and later.

Cisco Secure PIX Firewall Software Release 6.0 adds support for Layer 2 Tunneling Protocol (L2TP) over Internet Protocol Security (IPSec). Users that run Windows 2000 can use the native IPSec client and L2TP client to establish an L2TP tunnel to the PIX firewall. The traffic flows through the L2TP Tunnel encrypted by IPSec security associations (SAs). Certificate support in PIX 6.0 includes Baltimore, Microsoft, VeriSign, and Entrust servers. Currently, PIX does not accept L2TP requests without IPSec protection.

There is currently no Microsoft provided virtual private network (VPN) client that works with Cisco PIX Firewall. Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows NT 4.0 and Windows 2000 PPTP should work if your Cisco PIX PPTP implementation supports user ID/password user authentication. Cisco's PIX PPTP is not expected to include Extensible Authentication Protocol, so certificate-based user authentication by using a smart card is not supported. Because L2TP is not currently supported by Cisco PIX, L2TP/IPSec in Windows 2000 does not work as a remote access client to the PIX.

The following excerpt is from Cisco's Web site: For updated information, please check the following Cisco Web site: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.