problem connecting to Cisco PIX (IPSEC) when behind Cisco ASA
Posted on 2007-11-28
I have some wired problem, and I am sure it is Cisco ASA 5505.
The scenario is described below:
We have configured Cisco PIX 501 for our customer to accept VPN (IPSEC) connections using standard old Cisco VPN Client. So when the customers are sitting on Internet Cafe in the City or at home they can connect to VPN and access all their servers on corporate network.
BUT they have problems if they are siting somewhere where the Cisco ASA is used as firewall.
I had a conversation with these peoples where the ASA is used and they said NOTHING IS BLOCKED, so they told me they can`t understand why it is not possible to connect to VPN.
The symptoms of this problems are :
If these customers are sitting behind Cisco ASA, than they CAN connect to Cisco PIX no problems at all, BUT when they try to ping one of the internals ip addresses, than there is no response. Also when they try to open (log on to server via RDP) than THIS IS NOT POSSIBLE.
So I am 100 % that ASA is the problem (5505, 5520) etc...... This ASA is using 8.2 ASA version
I hope someone have solution for this problem or in all case suggestions which may help.
Still thinking maybe this is the very much alike the scenario when we need manually PERMIT PPTP connections trough the Cisco PIX.