Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 506 to PIX 525

I have VPN access configured and working on the corp. PIX (525). I have a PIX 506 at my home office. The VPN client connects to the Corp. PIX without a problem, however I don't have any access to the corp network. It's as if my 506 is blocking traffic from corp network even though the tunnel is created. If I bypass my 506 and go straight to the Internet the vpn connection works fine.

When I setup a site to site vpn all Internet traffic at the corp. site is stopped.

How do I configure my 506 to allow VPN client traffic between home office and the corp firewall?


Re: PIX 506 to PIX 525

In this sample configuration, a remote PIX receives an IP address through Dynamic Host Configuration Protocol (DHCP) and connects to a central PIX. This configuration enables the central PIX to accept dynamic IPSec connections. The remote PIX uses network address translation (NAT) to "join" the privately addressed devices behind it to the privately addressed network behind the central PIX. The remote PIX can initiate connections to the central PIX (it knows the end-point), but the central PIX cannot initiate connections to the remote PIX (it does not know the endpoint).