Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN Client behind a PIX

I'm trying to connect to a remote VPN via the Cisco VPN client that is behind a PIX 515 FW. If I access the VPN outside the PIX it is ok. Anyone know how config the PIX so the Client VPN can access a remote VPN behind the PIX???

I have trying an access list to allow protocol 50 and UDP 500 - no change.

5 REPLIES
Silver

Re: VPN Client behind a PIX

Do you have any logs from the 515? Are you certain it is a IPSec vpn that is being used? Are the 515 natting? Does the SW client normally work behind NAT?

New Member

Re: VPN Client behind a PIX

No logs...I know that it works outside the PIX and works at home for me behind a LinkSys cable/dsl router with allow IPsec to pass-thru enabled. NAT is turned on on the inside interface. The SW client will work behind a Novell Bordermanager server w/NAT and ports UDP 500 and TCP 10000 allowed thru.

Silver

Re: VPN Client behind a PIX

do you have the sysopt for ipsec enabled?

i have had no trouble using the sw client from behind my pix at home, which nats everything to a vpn 30xx concentrator, as well as from behind one doing nat (0) thru another ipsec tunnel to another pix to the concentrator = both nat and no nat configs.

New Member

Re: VPN Client behind a PIX

Create one static mapping for that machine on PIX with one public IP address.

and open the corresponding ports.

Regards,

Sachin

New Member

Re: VPN Client behind a PIX

I am having the same problem with the configuration of the 515. I am using a wireless laptop connection through an inside Access Point, then to the PIX, then through the Router to the internet. The laptop works great via T-mobile hotspots and outside the PIX but refuses to work from inside. Any ideas as to the config parms I am missing? Also tried protocol 50 and UDP 500. Thank you in advance.

110
Views
0
Helpful
5
Replies
CreatePlease to create content