Solved

Initiate VPN Client Behind PIX Firewall

Posted on 2004-08-15
7
555 Views
Last Modified: 2010-04-12
I have just installed a Cisco PIX 506E in my network. The outside interface is connected to my cable modem and the internal interface to a switch. Everything works fine, except when I try to initiate a VPN client connection to my office network from my internal network (this worked fine when I used a Linksys router).

I assume I must be missing some additional commands for the PIX to pass the IPSec traffic, but I haven't been able to figure out what I need to do. Thanks.
0
Comment
Question by:radiusdude
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11807949
Have a look at this topic to see if it is of any help.
http://www.experts-exchange.com/Security/Firewalls/Q_20587556.html
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 11810701
What version PIX OS?
Get the latest 6.3x - 6.3(4) just came out

You have to enable NAT-transparency, and this is not supported on anything prior to 6.3
6.3(2) is buggy
6.3(3) has a security hole
6.3(4) is the latest

0
 
LVL 36

Expert Comment

by:grblades
ID: 11810766
What is the security problem with 6.3(3) ?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 79

Expert Comment

by:lrmoore
ID: 11810901
Very minor SSL vulnerability, but if you use SSH and HTTPS to manage it...
http://www.cisco.com/en/US/products/products_security_advisory09186a0080207d5f.shtml

6.3(3)124 build is the "fixed" version
0
 

Author Comment

by:radiusdude
ID: 11810954
Thanks! I was running 6.2(2) - I'll see if I can get the upgrade from Cisco (I bought the PIX used - I'm not sure what Cisco's upgrade policy is...)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11811065
How do I find out what build version I am running? I assume that as the build date is last year it is a version which needs upgrading anyway.
'show ver' shows :-

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11811420
>Cisco PIX Firewall Version 6.3(3)
Yours

Mine:
Cisco PIX Firewall Version 6.3(3)124

0

Featured Post

How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SOHO Router with software VPN access 1 63
Dedicated I.P., VPN, both, neither, or what? 12 64
Use packet tracer to verify anyconnect VPN 11 136
Problems with VPN 4 55
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question