Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IPSEC payload through a PIX

Hi,

I'm trying to setup a connection between a PIX and a VPN 3015 and have the following problem:

The tunnel is established ( I can see the connection on my VPN 3015 ), but the payload ( ESP, IP/50 ) doesn't go through my PIX FW in between the other PIX FW an the concentrator

PIX ( initiator ) --> PIX FW --> VPN3015 ( server )

PIX config: conduit permit ip host x host y

where x= PIX ( initiator ), y= VPN3015

1 REPLY
Silver

Re: IPSEC payload through a PIX

I am not sure if the sysopt permit ipsec option works for ipsec traffic *through* a pix , meaning, ipsec traffic that actually does not terminate on it. You might want to add lines allowed ESP traffic to the ip address of the 3015 to the ACLs on the pix in the middle

77
Views
0
Helpful
1
Replies
CreatePlease to create content