VPN client can't ping remote site going thru local PIX
I just upgraded from a Pix 506e v6.3(5) to a PIX 515e with v8.0(3)in my home office. Unfortunately, I'm no longer able to use the Cisco VPN client to ping or RDP to remote locations. On my previous 506e, I was able to connect from my house going through the 506e and terminated a VPN session on the customer PIX or ASA devices. From there, I was able to ping or RDP to servers and workstations. On my previous 506e, I enabled esp-ike under the fixup protocols and used an ACL for esp, isakmp, and ipsec. Now that I have a 515e with 8.0(3), the esp-ike is no longer a supported command, therefore I added NAT-T, verified the VPN client transport tab was set to use IPSEC over UDP. I've tried everything I could read through on the support forums and still no luck. What am I missing? or is this impossible to go through a local PIX to a remote PIX using a VPN client? I do not want to use the Easy VPN options as I provide remote server support for over a dozen business customers. Any help would be greatly appreciated.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...