[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

VPN connection to SBS2003 via PIX 501

Posted on 2006-11-01
2
Medium Priority
?
213 Views
Last Modified: 2010-03-18
I am trying to make a client system authenticate to a Small Business Server 2003 server over a VPN connection.  At the front of that network is a PIX 501.  I am able to connect to the PIX 501 and authenticate the client on the PIX 501.  I am not able to autheticate to an account on the Small Business Server.

There are only three pieces to this puzzle at this point.  The client system (windows 2000 pro), The PIX 501, and the SBS 2003 box.

I feel the issue is at this point I am missing something in the PIX to tell it to communicate with the SBS but that is just a guess.

Thanks
0
Comment
Question by:cfische4
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 750 total points
ID: 17879162
You'll find lots of discussion about this here:  http://snipurl.com/11bqn

Do you really want to have the PIX be your endpoint?  If not, just pass the traffic through to the SBS on port 1723 with GRE Protocol 47.

Jeff
TechSoEasy
0
 

Author Comment

by:cfische4
ID: 17880941
I reviewed the link you sent and I will give the following a look and see what it does for me and let you know.

What we will need to do
to allow the GRE traffic manually is to change the current nat statement on
the firewall from "nat (inside) 1 192.168.254.0 255.255.255.0" to "nat
(inside) 1 0.0.0.0 0.0.0.0 0 0" and to add the line "access-list inbound
permit gre any host 12.12.20.12" to the access list.


My network is designed like this:


Interent --> PIX --> SBS --> Switch --> Workstations
12.12.20.12 (Public IP on WAN port of PIX). 192.168.254.1 internal port of
PIX. 192.168.254.2 is external NIC of SBS and the default internal NIC of
192.168.16.2 for SBS doing DHCP.


P.S. I made up 12.12.20.12 to protect the innocent. :-)


0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question