Solved

Initiate VPN Client Behind PIX Firewall

Posted on 2004-08-15
7
524 Views
Last Modified: 2010-04-12
I have just installed a Cisco PIX 506E in my network. The outside interface is connected to my cable modem and the internal interface to a switch. Everything works fine, except when I try to initiate a VPN client connection to my office network from my internal network (this worked fine when I used a Linksys router).

I assume I must be missing some additional commands for the PIX to pass the IPSec traffic, but I haven't been able to figure out what I need to do. Thanks.
0
Comment
Question by:radiusdude
  • 3
  • 3
7 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11807949
Have a look at this topic to see if it is of any help.
http://www.experts-exchange.com/Security/Firewalls/Q_20587556.html
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 11810701
What version PIX OS?
Get the latest 6.3x - 6.3(4) just came out

You have to enable NAT-transparency, and this is not supported on anything prior to 6.3
6.3(2) is buggy
6.3(3) has a security hole
6.3(4) is the latest

0
 
LVL 36

Expert Comment

by:grblades
ID: 11810766
What is the security problem with 6.3(3) ?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 79

Expert Comment

by:lrmoore
ID: 11810901
Very minor SSL vulnerability, but if you use SSH and HTTPS to manage it...
http://www.cisco.com/en/US/products/products_security_advisory09186a0080207d5f.shtml

6.3(3)124 build is the "fixed" version
0
 

Author Comment

by:radiusdude
ID: 11810954
Thanks! I was running 6.2(2) - I'll see if I can get the upgrade from Cisco (I bought the PIX used - I'm not sure what Cisco's upgrade policy is...)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11811065
How do I find out what build version I am running? I assume that as the build date is last year it is a version which needs upgrading anyway.
'show ver' shows :-

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11811420
>Cisco PIX Firewall Version 6.3(3)
Yours

Mine:
Cisco PIX Firewall Version 6.3(3)124

0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now