Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Canot access PIX internal NIC via VPN

Hello,

We have a customer with a PIX 515 we have installed and we have a VPN from our office to them. We can connect to all their hosts behind the PIX via the VPN okay for configuring (telnet) and monitoring (SNMP). We want to monitor the PIX via snmp as well. We cannot access the internal NIC ip address via the VPN. We cannot ping, telnet or use SNMP to it.

THe VPN is working okay as I mentioned above but is there something else I need to do to allow access to the internal NIC IP address?

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Canot access PIX internal NIC via VPN

That is normal Pix behavior. You cannot communicate with a Pix's interface unless it is the one receiving the traffic. Therefore, you can only monitor and communicate with the Pix's outside interface/IP from the Internet.

BTW...This has changed in Pix v6.3 that was released yesterday. You can use the [management-access] command to manage your Pix using it's private IP across a VPN tunnel.

3 REPLIES
New Member

Re: Canot access PIX internal NIC via VPN

Hi,

Is the normal pix behaviour !!

New Member

Re: Canot access PIX internal NIC via VPN

Hmm, Thanks but if this is normal PIX behaviour, how can I monitor my PIX? As I said, we currently have a VPN to our customer which terminates on the PIX. We are able to monitor the IOS routers via SNMP over the VPN as they are behind the PIX. How can I do the same for the PIX when the VPN terminates on it?

Thanks

David

Silver

Re: Canot access PIX internal NIC via VPN

That is normal Pix behavior. You cannot communicate with a Pix's interface unless it is the one receiving the traffic. Therefore, you can only monitor and communicate with the Pix's outside interface/IP from the Internet.

BTW...This has changed in Pix v6.3 that was released yesterday. You can use the [management-access] command to manage your Pix using it's private IP across a VPN tunnel.

111
Views
1
Helpful
3
Replies
CreatePlease login to create content