01-10-2002 06:20 AM - edited 02-21-2020 11:33 AM
Has anyone got the vpn client to work with a pix with the client behind a firewall? It appears the client/pix will not negotiate to use esp/udp. (I have the udp box checked). So, far from what I have found on the Internet is that the client will not work with a PIX if the client is behind a FW because the PIX has to tell the client to use UDP. Is there some setting on the PIX that will tell the client to use udp?
01-11-2002 06:55 AM
Hi,
I am having similer problem, I can connect to the PIX fire wall from my vpn client 3.1 in the remote network, I can also ping the outside interface of PIX firewall however I can not ping iside ip address of the PIX.
thanks in advance,
regards,
RAUL
01-11-2002 08:27 AM
If your client is behind a firewall it will not work unless you create a static map for the client IP on the firewall. The pix does not support UDP passthrough. It would be nice to know if there are any plans for the PIX to support UDP passthrough. Otherwise the VPN client with the PIX is useless.
04-12-2002 12:11 AM
Is there any news from cisco?
Thanks Renato
04-26-2002 04:55 AM
You can never ping the inside interface of a pix from the outside.
01-13-2002 07:48 AM
There is afaik no way to get esp/udp to work but to use the VPN concentrator instead.
However, there is a walk-around.
It's possible to use PPTP in this scenario, PPTP is (imho) not nearly as good or useful as IPSec but it will save your a*s since you can still establish connectivity from the client behind the firewall with the exisiting equipment :-)
The reason why the UDP checkbox is even present (since it won't work) is due to the fact that it is the same client that is used with the VPN 3000 (which supports this scenario).
/M
04-26-2002 05:31 AM
Both the PIX and Router IOS do not support UDP pass-through. I was told by Cisco they expect the IOS 12.2.14 to have this feature. I'm not sure when PIX will support it.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: