vpn and the pix

g.hyland
Level 1

Hello,

I am trying to configure the PIX for my client. They need VPN access to another company, but I am unable to connect. According to all the docs I found, I just had to add:

fixup protocol pptp 1723

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

global (outside) 1 interface

All I want to do is allow a VPN connection to and from the site.

I am running IOS 6.3

Am I missing something??

Thanks


mostiguy
Level 6

VPN connection from the site? To whom? What protocol? What solution is the other company using - it may not work behind NAT?

edmonds_robert
Level 1

How are you trying to establish the VPN connection? Are you doing a LAN-to-LAN VPN? If so, you are definitely missing something.

If you are running some sort of VPN client software on the client machines, you may be having a problem with NAT-Traversal, or NAT-T. Your client must support IPSec over UDP. Microsoft's PPTP client, for example, doesn't support it by default, but an update is available from their website that supports this functionality.

Please provide a little more detail for a better answer.

Robert

The PC was preconfigured by the vendor to whom we are trying to connect. They did all the configuration. It's a W2K machine using the MS VPN client. I am not doing site to site. There is one PC that needs access to a VPN server at another company. I just want to allow VPN traffic to and from. I have tried to find the update for the PPTP client, but cannot seem to find it on Microsoft's site.

EPHRAIM MANI
Level 3

Hi dear

Which VPN do they use: PPTP, L2TP or IPSec?

Try using this command....

sysopt connection permit-ipsec

sysopt connection permit-pptp

Thanks

Ephraim

c.baldovino
Level 1

Hi,

1. Give out access to the internal PC with NAT (not PAT).

2. Give the necessary permissions to both in and out connections:

- conduit ip host "nat ip address of pc" host "ip address of the vpn concentrator",

- access-list 1 ip host "internal ip address of pc" host "ip address of the vpn concentrator"

3. Then, with the command sh conn local "internal ip address of pc" you can see the udp and tcp ports used and change both conduit and access-list. Most of the time they are: udp 500, 2746 and tcp 264, 256.

4. On the client, set up the IP address of the VPN concentrator.

Regards
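
Added example, not part of the reply above and not Cisco code: step 3 of that reply reads the ports in use from `sh conn` and narrows the rules to match, and this Python script does that bookkeeping for one inside host and one VPN peer. It assumes the `show conn` line layout shown in the PIX 6.x command reference; the addresses (documentation ranges) and the ACL name `vpn_pc_out` are constructed for illustration.

```python
import re

# Constructed sample in the "show conn" layout of the PIX 6.x command
# reference; none of these addresses come from the thread.
SAMPLE = """\
4 in use, 9 most used
TCP out 203.0.113.20:264 in 192.168.1.50:1031 idle 0:00:05 Bytes 1774 flags UIO
UDP out 203.0.113.20:500 in 192.168.1.50:500 idle 0:00:14 flags D
UDP out 203.0.113.20:2746 in 192.168.1.50:1040 idle 0:00:02 flags D
TCP out 198.51.100.7:80 in 192.168.1.77:1102 idle 0:01:10 Bytes 9120 flags UIO
"""

# Only TCP and UDP entries are parsed; any other line is skipped.
CONN_RE = re.compile(
    r"^(TCP|UDP) out (\d+\.\d+\.\d+\.\d+):(\d+) in (\d+\.\d+\.\d+\.\d+):(\d+)\b"
)


def observed_flows(show_conn_text, inside_ip, peer_ip):
    """Return sorted (proto, remote_port) pairs seen between inside_ip and peer_ip."""
    flows = set()
    for line in show_conn_text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue  # summary header or a layout this parser does not know
        proto, out_ip, out_port, in_ip, _in_port = m.groups()
        if in_ip == inside_ip and out_ip == peer_ip:
            flows.add((proto.lower(), int(out_port)))
    return sorted(flows)


def acl_lines(flows, inside_ip, peer_ip, acl_name="vpn_pc_out"):
    """Render one permit line per observed flow (acl_name is hypothetical)."""
    return [
        f"access-list {acl_name} permit {proto} host {inside_ip} host {peer_ip} eq {port}"
        for proto, port in flows
    ]


if __name__ == "__main__":
    pc, peer = "192.168.1.50", "203.0.113.20"
    for rule in acl_lines(observed_flows(SAMPLE, pc, peer), pc, peer):
        print(rule)
```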