--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --
I have set up a VPN between our main office, running a PIX 515 Ver 6.1, and a remote branch office running a PIX 506. The VPN works fine.
The new requirement is to add a VPN 3.5 Client for roaming users.
I did try it out, but it used to break my existing connection to the remote office, and the client used to log on successfully and get an IP from the PIX, but then it would no longer ping any local LAN IP addresses.
It's a very simple design scenario ...
LAN --- Pix 515 ---- Router ---- Internet.
I have placed both configurations below: an earlier one, which works perfectly fine with the branch office, and the modified one, where the requirement is for VPN 3.5 Client users to log on to the main office running the PIX 515. Please note I am not using Xauth.
Current Config to the branch ....
WORKING PERFECTLY FINE : )
PIX Version 6.1(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
enable password ***** encrypted
passwd **** encrypted
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
access-list smtp permit tcp any host nnn.nn.nn.180 eq domain
access-list smtp permit tcp any host nnn.nn.nn.180 eq smtp
access-list smtp permit tcp any host nnn.nn.nn.180 eq www
access-list 110 permit ip xxx.x.2.0 255.255.255.0 yyy.y.2.0 255.255.255.0