I have a PIX 515E and several interfaces, with two internet connections. I would like to use one connection for internet use and one for VPN. I have added the default route for the internet and added other routes that previously worked on a 1720 router for the VPN connection. However I cannot get the Pix to ping past the second interface.
I guess what you are doing is correct. By configure a default route to one of the internet interfaces and having static routes pointing to the other internet interfaces, you have routed the traffic. What you might look into next is if you have static routes pointing to the inside networks, especially to the source of the ping. Next check if you have defined the source IP of the ping packet as interesting for VPN initiation. Also, has the source IP been advertised or is otherwise known to the target device from which the response is expected. Next, have you entered the necessary conduits to allow ICMP packets in. ICMP packet handling is a special case in PIX where the sucessful flow of outboung packets is not sufficient to ensure that the corresponding inbound reply packets will be allowed throught. Incoming ICMP messages have to be explicitly permitted. One last thing. I don't think that you can ping the PIX's outside interface from the inside or the PIX's inside interface from the outside.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :