We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

VPN connection to SBS2003 via PIX 501

cfische4
cfische4 asked
on
Medium Priority
224 Views
Last Modified: 2010-03-18
I am trying to make a client system authenticate to a Small Business Server 2003 server over a VPN connection.  At the front of that network is a PIX 501.  I am able to connect to the PIX 501 and authenticate the client on the PIX 501.  I am not able to autheticate to an account on the Small Business Server.

There are only three pieces to this puzzle at this point.  The client system (windows 2000 pro), The PIX 501, and the SBS 2003 box.

I feel the issue is at this point I am missing something in the PIX to tell it to communicate with the SBS but that is just a guess.

Thanks
Comment
Watch Question

Principal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014
Commented:
You'll find lots of discussion about this here:  http://snipurl.com/11bqn

Do you really want to have the PIX be your endpoint?  If not, just pass the traffic through to the SBS on port 1723 with GRE Protocol 47.

Jeff
TechSoEasy

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
I reviewed the link you sent and I will give the following a look and see what it does for me and let you know.

What we will need to do
to allow the GRE traffic manually is to change the current nat statement on
the firewall from "nat (inside) 1 192.168.254.0 255.255.255.0" to "nat
(inside) 1 0.0.0.0 0.0.0.0 0 0" and to add the line "access-list inbound
permit gre any host 12.12.20.12" to the access list.


My network is designed like this:


Interent --> PIX --> SBS --> Switch --> Workstations
12.12.20.12 (Public IP on WAN port of PIX). 192.168.254.1 internal port of
PIX. 192.168.254.2 is external NIC of SBS and the default internal NIC of
192.168.16.2 for SBS doing DHCP.


P.S. I made up 12.12.20.12 to protect the innocent. :-)


Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.