I have a PIX 515e running 6.3(5) with multiple site-to-site VPNs configured and all is well. However, when a user inside my LAN tries to launch a VPN client, whether it is Cisco IPSec or MS SSL, in order to connect to a client (these clients are not part of any of our site-to-site tunnels), they cannot get a connection.
My setup is LAN -> PIX -> 2691 router -> internet.
If I put my laptop in between the pix and the router with a public address I can get to any of these clients without any problems.
I have NAT-T enabled as well as sysopt connection permit-ipsec.
With Ethereal I see traffic going out but not coming back in.
I did explicitly permit those ports, though I never see them take hits in the access-list.
I found out that certain client VPN connections do work from inside the LAN here. It appears that the one specific client IPSec VPN problem is with a client who is not using NAT. I cannot turn off NAT-T here as I have site-to-site tunnels configured. Is there a way around this? Also, I still have issues with MS SSL VPNs.