Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

pass traffic between ezvpn client routers, with pix ezvpn server

hello,

I have a problem, I´m  configuring ezvpn client in router 881 with pix 515 how ezvpn server, the vpn is established between pix and router, and I can ping the lan in the pix from the router ezvpn client, mi problem is that I can´t ping between 2 router 881 ezvpn clientsCaptura1.PNG

can you help me

regards

4 REPLIES

Re: pass traffic between ezvpn client routers, with pix ezvpn s

You can refer to the example in the link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

Basically, your PIX need to run "7.x" so that you can use "same-security-traffic permit intra-interface".

If you still can not make it work, paste your configuration here.



Cisco Employee

Re: pass traffic between ezvpn client routers, with pix ezvpn s

also you might need the following

for 8.2.1 and earlier

static (outside,outside) norandom-seq nailed

static (outside,outside) noramdom-seq nailed

failover timeout -1

for 8.2.2 and later configure tcp state bypass

New Member

Re: pass traffic between ezvpn client routers, with pix ezvpn s

hello,

tanks for your response, in the router 881 I have a link ADSL

this is the configuration of the device that I configured

regards

Re: pass traffic between ezvpn client routers, with pix ezvpn s

PIX 6.3 does not support U-turn traffic, you can not send the packet out on the same interface where it is received.

You have to upgrade to code to 7.x first.

266
Views
0
Helpful
4
Replies