I have a user who needs to VPN out from the internal network of the pix to a site on the internet. I tried settings which do not work. I know I need to allow protocol 50 in, just can'f figure out how to. Any help is appreciated.
Things I have tried:
static (inside,outside) x.x.5.21 x.x.x.104
access-list 101 permit ip host x.x.x.104 host x.x.22.248
access-list 101 permit ip host x.x.22.248 host x.x.5.21
access-list 101 permit esp any any
conduit permit tcp host x.x.x.104 host x.x.22.248
conduit permit udp host x.x.x.104 host x.x.22.248
conduit permit ip host x.x.x.104 host x.x.22.248
conduit permit 50 host x.x.x.104 host x.x.22.248
This does work if I do a access-list 100, but everything else stops working. We are still using conduit commands (PIX OS 6.01).
Thanks