VPN issues following PIX 535 upgrade to 7.0.4

drumrb0y · ‎01-11-2006

Following my upgrade of my PIX 535 from 6.3.4 to 7.0.4, dynamic VPN Clients can no longer reach outside destinations on the web.

I've attached scrubbed config files from both the old (6.3.4) and new image version (7.0.4), in case ther are any known bugs in the auto-conversion between the two.

Thanks in advance,

Marc

fmeetz · ‎01-17-2006

There may be several reasons for this issue.First of all, to start from the scratch,did you encounter any problem during the upgradation?

Is the PIX device functioning normally with this new image 7.04.Check whether it is booting from this new ios image and let me know regarding this.While upgrading to new ios image version, you have to remove the old version from flash(or wherever the image is stored).

Also, you have to use boot system flash:/pix704.bin for the pix device to use the corect boot up image.

Ensure with these basic things.If you are sure, then let me know so that we can proceed further to the configurations.

drumrb0y · ‎01-18-2006

Thanks for the reply;

The upgrade itself went fine and the 7.0.4 image has been running since reboot; the issue was identified by Cisco TAC and has been resolved. Apparently, the config file conversion from v6.3.4 missed a line that directed Internet-bound traffic back to VPN clients.

I appreciate your offer to help!

Marc