05-18-2006 01:24 PM - edited 02-21-2020 02:25 PM
We have several clients that need to VPN back to various coporate networks from my DMZ through and interface using PAT. Most are trying to use a cisco client using the normal ports ESP, UDP 500. Do these clients need a static translation or will it work through PAT?? I have nat transversal enabled on the pix, but hasn't changed anything.
05-19-2006 03:42 AM
it works perfectly using PAT.
Make sure that UDP port 4500 is also open here as well on the PIX interface that receives the user flow - ie.e source interface the user is on - this is for transparent tunnelling.
That will resiolve your issue
05-19-2006 03:44 AM
also upgrade to 6.3.5Ver 6.3.4 is one of the worst images I have seen yet.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: