I'm pretty sure I already know the answer to this, but here goes.
I have a PIX and a VPN3000 unit in parallel. Traffic passes as expected EXCEPT when a system inside the perimeter attempts to use a WebVPN service on the outside interface of the concentrator. Then traffic seems to simply vanish.
As I recall, this is a fact of life, as the PIX will not allow that traffic out when it hears it on both sides, correct?
By default, the PIX firewall denies all traffic. If traffic has to be passed through it, then special permissions have to be given. The PIX uses a stateful firewalling technique where it keeps an account of the traffic which is passed through it. If the same traffic comes back, it will allow it in; otherwise, it will simply drop it.