New Member

Using Cisco VPN and/or L2TP from Behind a PIX 501

Configuration: PIX 501 (6.21) Cable Modem, Single IP, DHCP on the Outside Interface, using PAT

I am trying to use the Cisco VPN Client and MS L2TP from the inside of the firewall. What must I turn on or open to pass the traffic properly through the firewall?

Thank you.

2 REPLIES
Cisco Employee

Re: Using Cisco VPN and/or L2TP from Behind a PIX 501

Upgrade the PIX to 6.3 which has support for one IPSec session thru PAT. Then enable the command:

> fixup protocol esp-ike

and your VPN client connection should work fine. Nothing you can do about the L2TP session though, these don't work thru PAT in the PIX.

Bronze

Re: Using Cisco VPN and/or L2TP from Behind a PIX 501

Hi,

You need to make sure that you are not PATing that client IP address, and open up ESP and UDP 1701 traffic for the static.

Thx

Afaq
