Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

i couldnot ping the inside interface of the firewall PIX 515 from the a vpn

I am at home receive a ip address 192.168.60.1 and i couldnot ping the inside interface of the pix 501(192.168.50.1)

this the partial of the config( i remove line command for security)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

access-list outside_access_in permit icmp any any echo-reply

access-list 101 permit ip 192.168.50.0 255.255.255.0 192.168.60.0 255.255.255.0

ip address inside 192.168.50.1 255.255.255.0

ip local pool ippool 192.168.60.1-192.168.60.254

global (outside) 1 interface

nat (inside) 0 access-list 101

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

access-group outside_access_in in interface outside

sysopt connection permit-ipsec

crypto ipsec transform-set myset esp-des esp-md5-hmac

crypto dynamic-map dynmap 10 set transform-set myset

crypto map mymap 10 ipsec-isakmp dynamic dynmap

crypto map mymap client authentication LOCAL

crypto map mymap interface outside

isakmp enable outside

isakmp identity address

isakmp policy 8 authentication rsa-sig

isakmp policy 8 encryption des

isakmp policy 8 hash sha

isakmp policy 8 group 1

isakmp policy 8 lifetime 86400

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

vpngroup vpn3000 address-pool ippool

vpngroup vpn3000 split-tunnel 101

vpngroup vpn3000 idle-time 1800

vpngroup vpn3000 device-pass-through

vpngroup vpn3000 password ********

1 REPLY
Green

Re: i couldnot ping the inside interface of the firewall PIX 515

Add..

management-access inside

Please rate helpful posts.

107
Views
0
Helpful
1
Replies
CreatePlease to create content