VPN and not ipsec trafic in the same interface

Unanswered Question
Aug 19th, 2008

Hi all!

I have a problem! I use outside interface for the easyVPNserver in my PIX 535 (some user use cisco vpn client to connect on my PIX to use some security servers) :

crypto map xxx_map interface outside

isakmp enable outside

bat at the same time I want to pass the ip traffic through (not ip-sec) the same interface "outside". And I see in my syslog server the next:

PIX-6-110001: No route to 10.1.136.11 from 10.1.102.195

I have route table :

route outside 0.0.0.0 0.0.0.0 10.1.0.9 1 OTHER static

10.1.102.195 - It is the address the give me the PIX from it local pool:

ip local pool yyy 10.1.102.129-10.1.102.254

config vpngoup the next:

vpngroup xxxgroup adderss-pool yyy

vpngroup xxxgroup idle-time 1800

vpngroup xxxgroup password ********

Help! is it possible?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
andrey.v.tyurin Wed, 08/20/2008 - 02:02

Andrew!

I'm sorry, but your links does no open. I see the next:

Forbidden File or Application

The file or application you are trying to access may require additional entitlement or you are trying to access a file with an invalid name. Additional entitlement levels are granted based on a users relationship with Cisco on a per-application basis.

If you feel you have reached this page in error, please try one of the following methods to locate your document:

1. If you are manually entering the URL into your browser location bar, be sure to include the file name of the page you are trying to access (file names typically end in .htm, .html or .shtml).

2. Use the Search feature located in the upper right section of this page.

3. Return to the Cisco.com Home or select a primary site area from the top navigation bar.

4. Consult with your Cisco Account Manager to confirm you have the appropriate entitlement to access this page.

If you would like to contact someone about this problem, please click on the Contacts & Feedback link below.

andrey.v.tyurin Wed, 08/20/2008 - 22:39

HI!

I'm soo sorry that I don't tell You. Version of my PIX 6.3(5), and It does not have this command.

andrey.v.tyurin Fri, 08/22/2008 - 05:40

Sorry but we can not change this version. We have certification for this version only.

You tell that it is possible for version 7. 8.

You don't know how do this in 6.3, am I right?

Actions

This Discussion