Pix 515 and VPN

Unanswered Question
Aug 7th, 2007

We have a Pix 515 that VPN's into our network using a Concentrator. For some reason the VPN will stay up but we can't ping or talking to each other from either side of the network.

I just popped to the remote side where the VPN goes to and I pinged our subnets back at where the concentrator is and after a few request time outs each subnet came up.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bamnocadmin Tue, 08/07/2007 - 08:58

Hello,

Please check the following:

1. Network Lists on PIX (access-list for interested traffic) and Concentrator (Network Lists for Local and Remote Networks) - they have to match;

2. Routing behind PIX and Concentrator.

Please post your configs.

Thanks.

whiteford Tue, 08/07/2007 - 11:11

Sorry I'm on my blackberry.

It seems once the IKE tunnel is up only PCs on the side of the pix can bring up the ipsec tunnels on the side of the concentrator. If a user pings a subnet on the concentrator side it pings after a while, then the subnet on the side of the concentrator can ping back, but only when the side of the pix starts the negotiation

Actions

This Discussion