Solved

VPN connecting with MACs to Pix firewall, cant ping or browse

Posted on 2008-10-17
6
363 Views
Last Modified: 2013-11-12
I have been able to get the Cisco VPN client for MAC to connect to the router (I believe it connects successfully, no error after connecting) but I cannot browse the network at all after that, can't ping, can't see shares, can't do anything after connecting. Tried all the SMB,AFP tricks I could find to connect to a windows server (inside the building MACs connect to everything just fine, with or without using AppleTalk)...That's where I am at a loss...

 

Do ports need to be opened on the router? do protocols need to be allowed? Do I need an additional server set up to authenticate the MACs instead?
0
Comment
Question by:ADX39655
  • 4
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 22746670
Make sure nat-t is enabled on the pix

isakmp nat-traversal 20

0
 

Author Comment

by:ADX39655
ID: 22763175
I checked and it is shown in the config. Looks like it is enabed.
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400

Any other ideas?

Thanks
tpressPix-E.txt
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 22763207
>PIX Version 6.3(3)
Very, very buggy version. Suggest update to 6.3(5)

you are only using DES/MD5. Can you use 3DES? Do you have a license?
Everything else looks OK. Is it only Mac's that have a problem? Are Windows clients working OK?
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:ADX39655
ID: 22763296
Windows clients working fine. Only macs have a problem. It shows as connected yet still cant ping anything. I dont see a probelm with going 3DES. I guess I could update, id have to get my hands on it. No Cisco login right now.
0
 

Author Comment

by:ADX39655
ID: 22791148
Thanks for the help.
0
 

Author Closing Comment

by:ADX39655
ID: 31507349
Thanks, I now have a connections but i have a new issue. I will submitt another question.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now