Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
290
Views
0
Helpful
2
Replies

Linksys BEFVP41 to PIX 515 VPN - can ping but all else fails...

dqualls
Level 1
Level 1

‎04-15-2003 10:46 AM - edited ‎02-21-2020 12:28 PM

I've got a successful tunnel running, sort of. I can ping workstations on either side just fine. From the PIX side I can ping the internal LAN port on the Linksys but from the Linksys side, I can't ping the internal port of the PIX, only the external port. From the PIX itself I can't ping diddly on the Linksys side.

All attempts to view pages on the Intranet server behind the PIX fail, as does connectivity to servers for other applications. Found 1 post regarding this and it talked about setting the MTU lower to allow for the overhead of the 56 bytes for the IPSEC header, other than that I can't find anything that is similar.

Anyone run into this before? Let me re-phrase that, anybody run into this before and solve it?

Thanks in advance!!

Labels:
0 Helpful
2 Replies 2

owillins
Level 6
Level 6

‎04-21-2003 11:52 AM

The sysopt connection permit-ipsec command allows inbound vpn traffic to bypass the translation table. Guess you would need to add this command on the PIX.

You could do a debug and check if the users behind the Linksys are able to ping the servers behind the PIX to confirm this.

Hope this helps.

0 Helpful

dqualls
Level 1
Level 1
In response to owillins

‎04-21-2003 12:27 PM

Sorry, I should have posted back when Aamir helped me out.

The sysopt connection permit-ipsec was the answer.

Updating to ver 6.3 on the Pix made it even better.

Thanks for the reply though!!

0 Helpful
Customers Also Viewed These Support Documents