Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help! Pix535 VPN configuration not working

Hi,

We are trying to setup a remote vpn to allow clients in to our private lan then be able to use https outbound. Not split tunnel, as the client need to look like they are coming from our domain. Any help would be greatly appreciated. We can connect to the vpn with the client, and we can ping the inside network, but have issues trying to use https outbound via client. Please find my current config attached. Thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: Help! Pix535 VPN configuration not working

same-security-traffic permit intra-interface

nat (outside) 101 172.21.200.0 netmask 255.255.255.240

I would also add...

crypto isakmp nat-traversal

5 REPLIES
Green

Re: Help! Pix535 VPN configuration not working

same-security-traffic permit intra-interface

nat (outside) 101 172.21.200.0 netmask 255.255.255.240

I would also add...

crypto isakmp nat-traversal

New Member

Re: Help! Pix535 VPN configuration not working

Hi and thanks. I added those lines and created an access rule to allow 172 access to our DNS. I can use nslookup, but still cannot get out via IE.

Re: Help! Pix535 VPN configuration not working

Hi Elsie,

Also add the following then post your final config

group-policy test attributes

split-tunnel-policy tunnelall

Regards

New Member

Re: Help! Pix535 VPN configuration not working

Thanks for your reply.

We did not want to do 'split-tunnel, however the commands that ACOMISKEY suggested worked.

Thanks

New Member

Re: Help! Pix535 VPN configuration not working

Thanks!!!

We tried your suggestions and it worked!!!

Thanks Again

98
Views
0
Helpful
5
Replies