Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco VPN Client from dmz of PIX

I have a machine in the DMZ of our PIX 515E (6.3.3) that needs to connect to an outside IP address. It has Cisco VPN Client 4.0.4D and it is set up to allow transparent Tunneling and to use IPSEC over UDP (NAT/PAT). If I give it a public IP and stick it on the outside everything works.

Using debug, I can see it is trying to connect to port 500 on the other side, but it gets no response.

I have a static NAT through the firewall, I have fixup protocol esp-ike, I have allowed udp ports 500, 4500 and 1000 for the DMZ and outside addresses.

Can anyone tell me what I am missing?

Thanks,

Bob

1 REPLY
Cisco Employee

Re: Cisco VPN Client from dmz of PIX

Hi Bob,

It seems that you are missing NAT-T on the other end. Please look into it.

HTH,

Please rate if it helps,

Regards,

Kamal

132
Views
0
Helpful
1
Replies
CreatePlease to create content