Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco VPN Client not encrypting thru a PIX, only to the PIX.

We have a client with Cisco VPN client v 3.6.3 that can connect to a PIX

520 v 6.2(2), consistantly from the internet.

On the client, after the successful connection of the VPN, we turn on a

protocol analyzer and all of the frames from the client to the PIX are

properly encrypted thru ESP.

However, when we go from the client thru the PIX, to any device, all

traffic, ping, telnet, web is not encrypted. All clear text.

How do we get all traffic from the client, thru the PIX encrypted on the

outside of the PIX?

URL would be great!

Client config:

IPSEC over UDP

No CA

PIX Config:

sysopt connection permit-ipsec

isakmp enable outside

policy authentication pre-share

encrypt des

hash md5

group 2

lifetime 86000

vpngroup xxxxx adress-pool dealer

dns-server x.x.x.x

wins-server x.x.x.x

default-domain stuff.com

idle-time 1800

password xxxxx

1 REPLY
Bronze

Re: Cisco VPN Client not encrypting thru a PIX, only to the PIX.

Hi there,

If you are not using Split-tunneling ( which I think you are not ), then all IP traffic from the client should be encrypted. Did you not see that when you had your Protocol Analyzer on?

Jazib

173
Views
0
Helpful
1
Replies