Remote VPN client - Pix, cant ping inside network

Unanswered Question
Mar 6th, 2007

I have a VPN client try to connect to a PIX 515. I can connect from all sites, but can only ping internal devices from some locations. In both cases I get an ip address, GW, DNS. Both of the locations I'm trying use NAT/PAT (behind some firewall). I have looked in some other forum notes, there they recommed "isakmp nat-traversal". Is this a possible solution.


access-list VPN permit ip

ip address inside

ip local pool VPNKLIENTER

nat (inside) 0 access-list VPN

nat (inside) 1 0 0

sysopt connection permit-ipsec

isakmp enable outside

isakmp key xxxxx

isakmp identity address

isakmp policy 9 authentication pre-share

isakmp policy 9 encryption des

isakmp policy 9 hash md5

isakmp policy 9 group 1

isakmp policy 9 lifetime 1000

isakmp policy 10 authentication rsa-sig

isakmp policy 10 encryption des

isakmp policy 10 hash sha

isakmp policy 10 group 1

isakmp policy 10 lifetime 86400

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption des

isakmp policy 20 hash md5

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

vpngroup vpnklienter address-pool VPNKLIENTER

vpngroup vpnklienter dns-server

vpngroup vpnklienter wins-server martin5

vpngroup vpnklienter idle-time 86400

vpngroup vpnklienter password xxx

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion