vpn through PIX 525

Hi:

I have a VPN concentrator behind a PIX 525. The problem is that I am not able to get to my network using the VPN concentrator with my VPN client.

The private interface is in inside and the public is in a dmz.

The PIX configuration I'm using is:

nat (dmz4) 0 168.165.8.1 255.255.255.255 0 0

static (dmz4,outside) 168.165.8.1 168.165.8.1 netmask 255.255.255.255 0 0

conduit permit esp host 168.165.8.1 any

conduit permit udp host 168.165.8.1 eq isakmp any

The result is that the VPN client seems to work, but in the transport tunnel details the transparent tunnel is inactive. I used a sniffer and I saw that port 4500 is never opened.

So I am not able to get to my network.

If I use this other configuration, it works OK:

static (dmz3,outside) 168.165.1.150 192.168.45.33 netmask 255.255.255.255

conduit permit esp host 168.165.1.150 any

conduit permit udp host 168.165.1.150 eq isakmp any

Can anybody tell me what could be the problem? I want to work without using NAT.

I will really appreciate your help.

Thank you.

1 REPLY
Re: vpn through PIX 525

Hello,

From the note, it's not very clear where your VPN concentrator is. Is it in dmz3? If so, the latter config looks OK. What's the reason you wanted to use nat 0? Which interface network are you trying to reach after building up the VPN tunnel?

Regards,

Mynul
