Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
416
Views
0
Helpful
3
Replies

ASA VPN after PIX515 firewall no access

cargiant1t
Level 1
Level 1

‎10-30-2009 01:28 AM

Hello

I have PIX515 as internet gateway where I configured static NAT to ASA

static (inside,outside) "public IP" “ASA IP” netmask 255.255.255.255

On ASA VPN I set route outside 0.0.0.0 0.0.0.0 192.168.1.1 where 192.168.1.1 is PIX

With that configuration I'm not able to access ASA VPN or WebVPN from external host

BUT

On my network is another internet line (backup) and is based on Cisco 877

When i change gateway on asa to 192.168.1.254 (Cisco 877 backup gateway) and on that router will create NAT for port 443 or any other one and pointing to ASA IP then is working without any problems (problem is so that line is not performing as fast as PIX one )

Any Idea why PIX with static NAT not allowing accessing ASA while any other host is accessible on this NAT configuration on PIX Firewall

Labels:
0 Helpful
3 Replies 3

lgijssel
Level 9
Level 9

‎10-30-2009 01:34 AM

You must also add an acl permitting this traffic on the PIX:

access-list outside permit any host "public IP".

int outside

access-group outside in

regards,

Leo

0 Helpful

cargiant1t
Level 1
Level 1
In response to lgijssel

‎10-30-2009 02:34 AM

Hi Leo

Thanks for your reply

At the moment i have about 7 static NAT and ACL running on that PIX and they are fine , but as son as I put ASA on that internal IP instead of www, pop or any other server , then is no response at all

0 Helpful

cargiant1t
Level 1
Level 1
In response to cargiant1t

‎10-30-2009 03:25 AM

I resolved that issue , it was problem on ISP site

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents