Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Connectivity Behind PIX

Having a odd connectivity problem behind a PIX 501. I have clients that connect just fine and can ping places behind the firewall, 192.168.1.4. I have another one that cannot ping anything behind the firewall. One odd thing is that the routing table on the client that cannot ping has the subnet that is behind the firewall, 172.28.1.0/24, going to the pool address, but the pool subnet is routed to theloopback address, 127.0.0.1. Odd. I'll attach all the configs and client routing tables. Any help is appreciated.

Thanks,

Brent

2 REPLIES
Silver

Re: Connectivity Behind PIX

you require more than 10 users to have access through the PIX Firewall at one time, perform these steps:

Purchase a 50-user license upgrade. The part number is PIX-501-SW-10-50.

License upgrades can be purchased through a Cisco reseller. For detailed information regarding licensing upgrades for the PIX, refer to Cisco PIX Security Appliance Licensing.

If you have already purchased a license, send an email to licensing@cisco.com.

Include serial number, purchase information, PIX Firewall Software version and model and what needs to be added on the activation key.

To get the PIX serial number, PIX software version and PIX model number, issue the show version command.

A show version command also tells you what type of license the PIX Firewall is running, either R (restricted) or UR (unrestricted).

Gold

Re: Connectivity Behind PIX

try adding these two commands:

isakmp identity address

isakmp nat-traversal 20

97
Views
0
Helpful
2
Replies