Hello, we have both the cisco 3des vpn setup for use with the cisco secure client and we have pptp setup on our PIX firewall. The problem I am running into is that we need to be able to fully access our DMZ after tunneling in. We have gotten it so that when we tunnel in with the Cisco client we are able to telnet to devices in the DMZ, however we can not map drives. With the PPTP client I am unable to do either. I have duplicated the access lists we have in place for the IP pool that the cisco clients get with the pool of IP's that the PPTP clients get... however that didn't help. I think I am missing something pretty simple involved with a conduit, however i'm not sure.
This sounds more like a OS (i.e NT) permission problem. Since you can telnet to the devices on the DMZ, this indicates that the network is intact. Since you cant access the network resources i.e map drives this indicate that you're not logon on to that particular domain or the domain that the devices on the DMZ reside on do not trust your domain.
Which OS are the servers on the DMZ running?
Are the servers on the DMZ on a seperate domain from that of the inside interface. If so is there a trust relationship between them?
I think I worded my question poorly :) - with the Cisco VPN client we are able to telnet etc, with the PPTP client we were denied totally. I had figured it was a standard access-list problem, and it turns out it was! I didn't realize that it you name something in your config, everything is case sensitive. Thus when I put the access list in that I figured would work, it didn't... I fixed that and walla access!
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...