Solved: PIX VPN and Ping

agoodwin · ‎03-28-2003

Hi,

I have a strange problem and was wondering if anyone has heard of it before. I have setup 3 site to site links with pix one site works fine but the second remote site with an identical config (changing the ip's etc tho) doesn't seem to work properly. I am seeing Terminal Services work fine from the remote site but I cannot ping their internal ip addresses or browse their networkl. Oddly enough the remote site cannot ping or browse by name or ip anything at my site BUT Terminal Services from there to here still works?

Does anyone have any idea's?

thanks for your time

Andy

shannong · ‎03-28-2003

Is sysopt for IPSEC configured in both locations? If not, do ACLs allow the traffic in the outside interfaces?

So the remote site can connect to TS at your site? Can it ping the address of the TS server? Is there an ACL entry that would allow that happen without the VPN tunnel. It's probably a nat 0 and VPN match access-list issue.

Without any ideas of your configs, it's tough to provide any assistance.

View solution in original post

shannong · ‎03-28-2003

Is sysopt for IPSEC configured in both locations? If not, do ACLs allow the traffic in the outside interfaces?

So the remote site can connect to TS at your site? Can it ping the address of the TS server? Is there an ACL entry that would allow that happen without the VPN tunnel. It's probably a nat 0 and VPN match access-list issue.

Without any ideas of your configs, it's tough to provide any assistance.

agoodwin · ‎03-31-2003

Sure I can appreciate that.

Thanks for your help.

agoodwin · ‎03-31-2003

You were right - sysopt was missing at the remote site.

Im sure they were identical too...

hmm

Its all working now - thx again!