I have VPN access configured and working on the corp. PIX (525). I have a PIX 506 at my home office. The VPN client connects to the corp. PIX without a problem; however, I don't have any access to the corp network. It's as if my 506 is blocking traffic from the corp network even though the tunnel is created. If I bypass my 506 and go straight to the Internet, the VPN connection works fine.
When I set up a site-to-site VPN, all Internet traffic at the corp. site is stopped.
How do I configure my 506 to allow VPN client traffic between the home office and the corp firewall?
In this sample configuration, a remote PIX receives an IP address through Dynamic Host Configuration Protocol (DHCP) and connects to a central PIX. This configuration enables the central PIX to accept dynamic IPSec connections. The remote PIX uses network address translation (NAT) to "join" the privately addressed devices behind it to the privately addressed network behind the central PIX. The remote PIX can initiate connections to the central PIX (it knows the end-point), but the central PIX cannot initiate connections to the remote PIX (it does not know the endpoint).
Introduction: This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...