Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN Client

Hi;

i need to let one of my internal clients to establish a VPN tunnel to outside using cisco VPN client.

my clients reside behind a PIX firewall.

what should i do?

what ports and acccess list needed to be configured ?

Thanks

3 REPLIES
New Member

Re: VPN Client

Hi,

The 7.21 image has an inspect for IPSEC-pass through. So an upgrade may handle it. Understand the some firewalls close down UDP port 500 which is where IKE negotiates.

HTH

Bill

New Member

Re: VPN Client

Hi;

Thanks

my pix IOS version is 6.3

should my access list just open port 500? for IKE ?

Thanks

New Member

Re: VPN Client

You will need the following

access-list inside permit esp

access-list inside permit udp eq 500

otherwise you will only get half the problems solved.

Watch out for your NAT'ing here too.

88
Views
0
Helpful
3
Replies