Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

pix/vpn3000 pair "folded" traffic

I'm pretty sure i already know the answer to this but here goes.

i have a pix and a vpn3000 unit in parallel. traffic passes as expected EXCEPT when a system inside the perimeter attempts to use a webvpn service on the outside interface of the concentrator. then traffic seems to simply vanish.

as i recall, this is fact of life as the PIX will not allow that traffic out when it hears it on both sides, correct?

if anyone knows of a trick, i would be grateful

1 REPLY
Bronze

Re: pix/vpn3000 pair "folded" traffic

By default pix firewall denies all the traffic . If traffic has to be passed through it then special permissions has to be given.Pix uses a atateful firewalling technique where it keeps an account of the traffic which is passed through it .If the sam traffic comes back it will allow it in else, it will simply drop

99
Views
0
Helpful
1
Replies