Solved

Initiate VPN Client Behind PIX Firewall

Posted on 2004-08-15
Last Modified: 2010-04-12
I have just installed a Cisco PIX 506E in my network. The outside interface is connected to my cable modem and the internal interface to a switch. Everything works fine, except when I try to initiate a VPN client connection to my office network from my internal network (this worked fine when I used a Linksys router).

I assume I must be missing some additional commands for the PIX to pass the IPSec traffic, but I haven't been able to figure out what I need to do. Thanks.
Question by:radiusdude
7 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11807949
Have a look at this topic to see if it is of any help.
http://www.experts-exchange.com/Security/Firewalls/Q_20587556.html
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 11810701
What version PIX OS?
Get the latest 6.3x - 6.3(4) just came out

You have to enable NAT-transparency, and this is not supported on anything prior to 6.3
6.3(2) is buggy
6.3(3) has a security hole
6.3(4) is the latest

0
 
LVL 36

Expert Comment

by:grblades
ID: 11810766
What is the security problem with 6.3(3) ?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11810901
Very minor SSL vulnerability, but if you use SSH and HTTPS to manage it...
http://www.cisco.com/en/US/products/products_security_advisory09186a0080207d5f.shtml

6.3(3)124 build is the "fixed" version
0
 

Author Comment

by:radiusdude
ID: 11810954
Thanks! I was running 6.2(2) - I'll see if I can get the upgrade from Cisco (I bought the PIX used - I'm not sure what Cisco's upgrade policy is...)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11811065
How do I find out what build version I am running? I assume that as the build date is last year it is a version which needs upgrading anyway.
'show ver' shows :-

Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11811420
>Cisco PIX Firewall Version 6.3(3)
Yours

Mine:
Cisco PIX Firewall Version 6.3(3)124

0
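
As an added example (not part of the thread or any poster's code): a small Python check that parses the `show ver` banner quoted above, including the optional interim build suffix such as `124`, and applies the version notes given in the answers. The function names and the 6.2(2) sample line are assumptions made for illustration, and the thresholds are the posters' statements, not values taken from a Cisco advisory.

```python
import re

# Thresholds as stated by posters in this thread, not taken from a Cisco advisory.
NAT_T_MIN = (6, 3, 0, 0)        # NAT-transparency "not supported on anything prior to 6.3"
BUGGY = (6, 3, 2)               # "6.3(2) is buggy"
FIXED_INTERIM = (6, 3, 3, 124)  # "6.3(3)124 build is the 'fixed' version"

# Matches only the firewall OS line, not the "Device Manager Version" line.
VERSION_RE = re.compile(
    r"^Cisco PIX Firewall Version (\d+)\.(\d+)\((\d+)\)(\d+)?[ \t\r]*$", re.MULTILINE)

# 'show ver' excerpt as quoted in the thread.
SAMPLE_THREAD = """Cisco PIX Firewall Version 6.3(3)
Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 13-Aug-03 13:55 by morlee
"""
# Constructed line for the release the asker says he was running.
SAMPLE_CONSTRUCTED = "Cisco PIX Firewall Version 6.2(2)\n"


def parse_pix_version(show_ver_output):
    """Return (major, minor, maintenance, build); build is 0 when none is shown."""
    m = VERSION_RE.search(show_ver_output)
    if m is None:
        raise ValueError("no 'Cisco PIX Firewall Version' line found")
    return tuple(int(g or 0) for g in m.groups())


def assess(show_ver_output):
    """Return (version, findings) using the thread's version notes."""
    version = parse_pix_version(show_ver_output)
    findings = []
    if version < NAT_T_MIN:
        findings.append("prior to 6.3: no NAT-transparency support")
    if version[:3] == BUGGY:
        findings.append("6.3(2): reported buggy")
    if version[:3] == FIXED_INTERIM[:3] and version < FIXED_INTERIM:
        findings.append("6.3(3) below build 124: SSL fix not included")
    return version, findings


if __name__ == "__main__":
    for text in (SAMPLE_THREAD, SAMPLE_CONSTRUCTED):
        print(assess(text))
```
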

Question has a verified solution.