12-01-2003 08:42 AM - edited 02-21-2020 12:53 PM
Hi,
No one replied to my last post, I'm hoping someone can give me a hand here.
I just finished configurating a vpn connection on my PIX 506E firewall. Now my problem seems to be when I connect, I can't ping any machines, and I can't browse the network. I've enabled "allow LAN access" on the client but I still don't seem to have access. In the log I have the following message "Sev=Warning/2 IKE/0xA3000067 Received Unexpected InitialContact Notify (PLMgrNotify:841). I've read the following article "http://www.cisco.com/warp/customer/471/vpn-net-hood.html#ping" but it hasn't really helped me. Has anyone experienced this before? Any help would be greatly appreciated.
Thanks
12-05-2003 08:33 AM
Hi,
Are you using NAT by any chance, Because I have seen problems when NAT is used.
Check your IP Sec configurations, especially the phase 1 (isakmp policies) configurations.
01-30-2004 01:01 PM
I had the same issue with a 515 and 501 pix and after I use the following command, I was able to ping the inside hosts:
isakmp nat-traversal 20
Uriel Naranjo.
01-30-2004 04:27 PM
It's probably a NAT or ACL issue. Post your VPN config including any commands starting with [crypto] and [isakmp].
You need to make sure tha internal traffic isn't NATted [nat 0] when returning to the tunnel. Also, you must either use [sysopt connection permit-ipsec] or create ACL entries on the outside interface to allow your tunneled traffic in.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide