Solved

Pass Client to Site IPSec VPN Tunnell Through Pix 6.3x

Posted on 2006-10-26
5
718 Views
Last Modified: 2013-11-16
I am trying to allow a client to site VPN tunnell through a PIX Firewall (version 6.3x).  Can anyone shed any light?
0
Comment
Question by:jhartlov
  • 3
  • 2
5 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 375 total points
ID: 17814804
Depends. What client are they using?
Do you have your own VPN configuration for external users to VPN in, or have a site-site VPN tunnel?

2 things to try:
 isakmp nat-traversal 20  <== other end must be setup to allow allow clients to use nat-traversal
 fixup protocol ike-esp <== can't use this if you also have VPN's on your PIX

Else, give this client a 1-1 static nat if you have enough public IP addresses.
0
 
LVL 1

Author Comment

by:jhartlov
ID: 17814827
I am using this to terminate site to site tunnels as well as to terminate client to site tunnels.  Not looking good?
0
 
LVL 1

Author Comment

by:jhartlov
ID: 17814872
Would it be easier if I were to upgrade this box to PIX v7?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17815186
7.0 does not provide any advantage in this regard.
What client software are they using? A 1-1 static nat will fix the issue..
0
 
LVL 1

Author Comment

by:jhartlov
ID: 17815983
isakmp nat-traversal on the other end did the trick!  Thanks!
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question