Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN Help


I was wondering if anyone could help point me in the right direction with the following problem.

I have been trying to connect to several companies (that I support) VPN's from home. They have the same devices as me. Which is a Pix 501 firewall which is behind a Cisco 827 ADSL router.

I only have a single public IP which is on the Router, and the Router is performing NAT. The Pix is not performing any NAT. I have allowed all TCP, UDP and IP protocols out of my firewall. And I have allowed only, ESP,ISAKMP and pc-anywhere DATA and STATUS back in. As I want to be able to use Pc-anywhere to control the servers.

The problem I have is that I can talk to the remote PIX using the Cisco VPN client and it establishes the VPN tunnel. I get an IP address for the VPN client but I cannot connect to the server.

I have done some debugs on the Router and can see that the router is sending packets to the destination firewall but not getting a reply. I can also see that the VPN client is encrypting packets. But I get no replies.

Also if I dial up to my ISP direct using a Modem and I connect to my clients VPN I can see the server and use Pc-Anywhere. Its just a problem if I go through my PIX and Router.

Is what I am trying to do possible? Any suggestions would be greatfully appricated.



New Member

Re: VPN Help


I have managed to fix this! For anyone who is interested I needed to have a Static mapping NAT translation on my Cisco router, as the router didnt seem to know what to do with the packets once they had returned.

If anyone wants to do more than one connection out you will need several public IP's and a static NAT mapping for each client.