Configuring 3DES Ipsec tunnel between PIX 501 and Symantec Velociraptor 7.0
I am having problems establishing a secure vpn connection between a PIX 501 and Symantec Velociraptor 7.0. As far as I can tell the Ipsec policy, tunnel policy and IKE policies match between the 2 firewalls.
I'm using a pre-share key, ESP-3des-sha Ipsec policyand 3des-sha with perfect secrecy group 1 for IKE.
I'd be happy to cut and past curent configuration if anyone is willing to look and advise.
Re: Configuring 3DES Ipsec tunnel between PIX 501 and Symantec V
Thank you for your response, these links willl be very useful in the future. Working with a TAC engineer, I was able to establish a VPN tunnel, however there are issues with the tunnel. ICMP and Telnet work through the tunnel but nothing else works. The clients behind the PIX are thin clients that connect through Microsoft-RDP connection or Citrix - ICA connections. As well I am unable to map network drives, browse network shares through network places, authenicate to the domain or connect to my Exhange mail server from the network behind the pix.
From the remote network behind the Symantec Velociraptor, I am able to access network resouces of the netwrok behind the PIX.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...