VPN Clients cannot access servers when Site-to-Site VPN connects first.
I have a PIX (7.01) with a site-to-site VPN linked to another offsite PIX; this seems to work fine. I have Cisco VPN Client (4.8) on some salespersons' PCs connecting to the first PIX so they can connect to an Exchange server.
Both types of VPN were set up with the VPN Wizard and both work fine independently.
However, if the site-to-site VPN is connected first, the subsequent VPN client connections cannot find the Exchange server. They connect and authenticate correctly; I see bytes Rx in the VPN session from ASDM (5.01) but no Tx data. If I force a logout of the site-to-site VPN, the clients will start to send and receive data.
The site-to-site can then reconnect and the traffic continues to flow to the clients. However, if another client attempts to connect, that client then has to wait until the site-to-site times out or is manually logged off.
It seems like a routing table issue to me. Since I am not that acquainted with the PIX yet, I'm not sure where to look. Can anyone help?