×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

PIX firewall blocks VPN Clients

Answered Question
Sep 28th, 2010
User Badges:

Hello guys,


I have a PIX 501 firewall in my company's network. When customers from outside come inside the company and they trying to


connect to their sites via Cisco VPN client, the PIX 501 stops the VPN connection.


Any suggestions?


Thank you


Regards

Leon

Correct Answer by Jennifer Halim about 6 years 10 months ago

It depends on which version of PIX you are running.


This is assuming that the PIX firewall is passing through IPSec tunnel:


Here is a sample configuration for PIX version 6.x:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml


Here is sample configuration for PIX version 7.x and above:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml


Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jennifer Halim Tue, 09/28/2010 - 06:39
User Badges:
  • Cisco Employee,

Do you mean the VPN connection pass through the PIX firewall? or terminate on the PIX firewall?


If it passes through the PIX firewall:

1) What version of PIX firewall do you have?

2) Are you configuring static NAT for the VPN traffic?

3) Have you configure ACL to allow the VPN traffic?

4) What VPN protocol are you using? IPSec? PPTP? L2TP over IPSec?

leonnikolaou Tue, 09/28/2010 - 07:01
User Badges:

Hi Jennifer,


The PIX is not configured for VPN, this is for sure. To be honest, I need to make a password recovery on that PIX cause I just came into this company

and they have lost the password of the PIX. I'm not really familiar with PIX firewalls so could you pls tell me any commands (natting, acls) that allows VPN

traffic to pass through the firewall?


Thank you


Leon

Correct Answer
Jennifer Halim Tue, 09/28/2010 - 07:07
User Badges:
  • Cisco Employee,

It depends on which version of PIX you are running.


This is assuming that the PIX firewall is passing through IPSec tunnel:


Here is a sample configuration for PIX version 6.x:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml


Here is sample configuration for PIX version 7.x and above:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml


Hope that helps.

leonnikolaou Tue, 09/28/2010 - 07:17
User Badges:

These configuration will really help. The PIX Version is 6.3 (5)


Thanks a lot Jennifer.

Actions

This Discussion