Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

PIX 8.0 with remote access VPN

I'm having trouble setting up Remote Access VPN with a PIX515E.

I can establish a connection with the PIX using the Cisco VPN Client, get an IP address assigned from the vpn pool, but can not ping the PIX's internal address, or access/ping any other internal resource on the HQ's network.

See the configuration in the attachment.


Re: PIX 8.0 with remote access VPN

Hello Thomas,

Try adding this,

crypto isakmp nat-traversal 20

In addition, your config exempts NAT for only to intranet, you cant access to inside network unless you create another exempt nat rule for that interface

Finally, keep in mind that intradmz ACL does permit specific computers like server-group object group to establish connection. That includes VPN traffic

For icmp, add an inspection

policy-map global_policy

class inspection_default

inspect icmp


Community Member

Re: PIX 8.0 with remote access VPN

Thanks for the suggestions.

I managed to resolve the issue, but it was something else... a terrible mistake on my part.

For nat 0 I used the inside interface... I should have used intranet. (I know, I should have used better interface naming, but we stopped using the dmz setup, and I kinda left the inside interface unused)

CreatePlease to create content