pass traffic between ezvpn client routers, with pix ezvpn server

Acruzgreg · ‎08-02-2010

hello,

I have a problem, I´m configuring ezvpn client in router 881 with pix 515 how ezvpn server, the vpn is established between pix and router, and I can ping the lan in the pix from the router ezvpn client, mi problem is that I can´t ping between 2 router 881 ezvpn clients

can you help me

regards

Yudong Wu · ‎08-02-2010

You can refer to the example in the link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

Basically, your PIX need to run "7.x" so that you can use "same-security-traffic permit intra-interface".

If you still can not make it work, paste your configuration here.

Jitendriya Athavale · ‎08-02-2010

also you might need the following

for 8.2.1 and earlier

static (outside,outside) norandom-seq nailed

static (outside,outside) noramdom-seq nailed

failover timeout -1

for 8.2.2 and later configure tcp state bypass

Acruzgreg · ‎08-03-2010

hello,

tanks for your response, in the router 881 I have a link ADSL

this is the configuration of the device that I configured

regards

Yudong Wu · ‎08-03-2010

PIX 6.3 does not support U-turn traffic, you can not send the packet out on the same interface where it is received.

You have to upgrade to code to 7.x first.