• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 280
  • Last Modified:

VPN Client to PIX 506E Behind Efficient 5851 Router Fails (reason 412)

Hello Experts,

I recently setup a 506E, behind an Efficient Systems 5851 SDSL router.  The router is set to use public addresses (no natting).  I am port forwarding 25 and 80 from the public interface to an internal mail server.  Is there a way to use another public IP (I have 4 free) rather than the interface IP?  I used the wizzard to setup the VPN, which I've used before successfully, but I'm getting a no response from the 506 when attempting to connect from the client.  Using group permissions.  The same laptop/client successfully connects to another 506E which is in production so I know it's not the client or laptop.  Could the router be preventing IPSec/UDP from passing through?  Any concise way to confirm this, if so?  Monday I'll blow off the VPN setup and run the wizzard again but this process is usually pretty simple and has worked in the past for me.  



1 Solution
Okay, there are 2 questions here;

1. How to use additional IPs available, on the PIX. Simple;

static (inside, outside) PublicIP-1 Internal-1 netmask
static (inside, outside) PublicIP-2 Internal-2 netmask

and so on. Make sure the access-lists allow the traffic inwards. If you can't get it to work, post the full configuration.

2. VPN Problem.

Make sure IPSEC traffic is allowed to flow through the router. By default it might be off.

sgh_abaAuthor Commented:
thanks Rajesh.  Was able to get it running...


Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now