Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
389
Views
0
Helpful
2
Replies

VPN client connected but I cannot access or ping to DMZ servers

arthur.phan
Level 1
Level 1

‎01-19-2006 08:07 AM - edited ‎02-21-2020 02:12 PM

I am just having a problem with VPN Client 4.x, after the client connected (from a Windows 2000/SP4 or Windows XP/SP2 workstation), I could ping and access to the internal servers ok, but not the DMZ servers anymore. No configurations were changed from the PIX or Concentrator 3015.

Many THANKS for your help.

aphan

Labels:
0 Helpful
2 Replies 2

b.speltz
Level 4
Level 4

‎01-25-2006 06:50 AM

If internal clients need to access servers off of the DMZ interface of the PIX, and their DNS server is located on the PIX outside interface, then the PIX must do Destination Network Address Translation (DNAT) to the packets from the inside interface to the DMZ.

Here are two possible solutions:

If the PIX runs version 6.2 or later, issue this command:

static (dmz,inside) translated_IP real_ip dns

For PIX software versions 6.1 and earlier, the alternative is to issue the alias command.

alias (inside) translated_IP real_IP

0 Helpful

arthur.phan
Level 1
Level 1
In response to b.speltz

‎01-27-2006 09:21 AM

I have decided to reboot the Concentrator and it is now functioning back to normal.

Many thanks for your reply and I will keep your solutions just in case I may need it in the future...

Regards.

0 Helpful
Customers Also Viewed These Support Documents