11-07-2007 08:49 AM - edited 03-09-2019 07:16 PM
Hi All,
I currently have a customer with a PIX 515E running v7.x code. They use the firewall to remotely connect via a secure VPN tunnel over a BT network to central site. THis allows them to access terminal servers for their work.
Now, the central site, lets say "A" wishes to be able to send print jobs to the remote site "B" via the BT network and not through the tunnel. I have set a static translation on the PIX for this particular printer and also created 3 outside-in acl entries to allow UDP, TCP and IP from ANY to this printer. I can successfully ping the printer from site "A" ok but when i send print jobs to it, it does not work at all.
Any ideas why? Does the PIX inspect rules cause any printing type issues or should i be looking elsewhere?...
help?!?!?
RSG.
11-14-2007 10:44 AM
Could you paste the sh run, config of you PIX 515 E. It looks like an access-list problem.
11-15-2007 04:48 AM
Had the same issue with MS Terminal Server printing over vpn tunnel.
what kind of internet connection do you have? one which adds extra headers like pppoe ?
for me ...
sysopt connection tcpmss
helped
default is 1380 (1380 data + 20 TCP + 20 IP + 24 AH + 24 ESP_CIPHER + 12 ESP_AUTH + 20 IP = 1500 bytes)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide