Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member


I have a PIX 5156.3 and remote clients with VPN Client 4.8

The remote clients can access the internal Network services through vpn tunnel.

now the remote clients would have to access their own Desktop through netop remote control (host/guest)

based on vpn/ipsec from the remote location. but with my config on the pix i have found

that the user can access their desktop, but locally when they came to the office they were not able to browse the internet

such as smtp/http traffic always page cant be display and smtp server cant be found.

to give them the ability back to access the internet i do :

no static (inside,outside) netmask 0 0

clear xlate

but after that they cant do netop.

does anybody know what I must do that an

internal PC (main office) can be controled from an external PC (remote office ) with netop having all internet feature

I am using IPsec VPN tunnel. its vpn client to pix. I am doing natting

my local lan at the main office : 10.6.40.x/24

sample Desktop:

my pix:

access-list inside-access permit tcp any eq nntp

access-list inside-access permit tcp any eq ftp

access-list inside-access permit tcp any eq www

access-list inside-access permit tcp any eq domain

ip address outside x.x.x.2

ip address inside

access-list nonat permit ip

ip local pool ippool

global (outside) 1 x.x.x.x (real ip)

nat (inside) 1 0 0

static (inside,outside) netmask 0 0


Re: netop

You shold apply the static only for the port(s) used by your netop application:

static (inside,outside) tcp netmask

Rate if it helps.


CreatePlease to create content