Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
353
Views
0
Helpful
5
Replies

Help! Pix535 VPN configuration not working

Go to solution
eprivott
Level 1
Level 1

‎04-09-2008 12:25 PM

Hi,

We are trying to setup a remote vpn to allow clients in to our private lan then be able to use https outbound. Not split tunnel, as the client need to look like they are coming from our domain. Any help would be greatly appreciated. We can connect to the vpn with the client, and we can ping the inside network, but have issues trying to use https outbound via client. Please find my current config attached. Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
acomiskey
Level 10
Level 10

‎04-09-2008 12:30 PM

same-security-traffic permit intra-interface

nat (outside) 101 172.21.200.0 netmask 255.255.255.240

I would also add...

crypto isakmp nat-traversal

View solution in original post

0 Helpful
5 Replies 5

Go to solution
acomiskey
Level 10
Level 10

‎04-09-2008 12:30 PM

same-security-traffic permit intra-interface

nat (outside) 101 172.21.200.0 netmask 255.255.255.240

I would also add...

crypto isakmp nat-traversal

0 Helpful

Go to solution
eprivott
Level 1
Level 1
In response to acomiskey

‎04-09-2008 12:48 PM

Hi and thanks. I added those lines and created an access rule to allow 172 access to our DNS. I can use nslookup, but still cannot get out via IE.

0 Helpful

Go to solution
husycisco
Level 7
Level 7
In response to eprivott

‎04-09-2008 09:55 PM

Hi Elsie,

Also add the following then post your final config

group-policy test attributes

split-tunnel-policy tunnelall

Regards

0 Helpful

Go to solution
eprivott
Level 1
Level 1
In response to husycisco

‎04-10-2008 06:56 AM

Thanks for your reply.

We did not want to do 'split-tunnel, however the commands that ACOMISKEY suggested worked.

Thanks

0 Helpful

Go to solution
eprivott
Level 1
Level 1
In response to acomiskey

‎04-10-2008 06:46 AM

Thanks!!!

We tried your suggestions and it worked!!!

Thanks Again

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents