Does anybody successfully create a LAN-to-LAN ipsec VPN between a Pix and a win2k server? I have followed documents in cisco site and microsoft site many time but still doesn't work. Here are some of my questions:
1. If win2k is a internet gateway, I should use NAT. But how can i do "no NAT" in win2k just like in PIX when dealing with ipsec traffic?
2. When I ping from pix lan to win2k lan, a SA is established successfully but the ping packet never return back. When I ping from win2k lan to pix lan, no SA is established. Any problem with the ipsec filter policy?
3. I started network monitor on win2k server, and when i ping from win2k lan to pix lan, the server logs says the pix lan is unreachable. I suppose this message means that ipsec is not protecting those traffic.
4. Is there any detailed guideline on how to implement this kind of vpn? i only got some from ms and cisco site.
My question may relate more to win2k than to cisco. However, i find more professional/expert here than in microsoft site. so i put it here.:>
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :