04-15-2003 10:46 AM - edited 02-21-2020 12:28 PM
I've got a successful tunnel running, sort of. I can ping workstations on either side just fine. From the PIX side I can ping the internal LAN port on the Linksys but from the Linksys side, I can't ping the internal port of the PIX, only the external port. From the PIX itself I can't ping diddly on the Linksys side.
All attempts to view pages on the Intranet server behind the PIX fail, as does connectivity to servers for other applications. Found 1 post regarding this and it talked about setting the MTU lower to allow for the overhead of the 56 bytes for the IPSEC header, other than that I can't find anything that is similar.
Anyone run into this before? Let me re-phrase that, anybody run into this before and solve it?
Thanks in advance!!
04-21-2003 11:52 AM
The sysopt connection permit-ipsec command allows inbound vpn traffic to bypass the translation table. Guess you would need to add this command on the PIX.
You could do a debug and check if the users behind the Linksys are able to ping the servers behind the PIX to confirm this.
Hope this helps.
04-21-2003 12:27 PM
Sorry, I should have posted back when Aamir helped me out.
The sysopt connection permit-ipsec was the answer.
Updating to ver 6.3 on the Pix made it even better.
Thanks for the reply though!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide