Solved

Cisco PIX internally initiated traffic does not go through VPN

Posted on 2008-11-13
Last Modified: 2012-05-05
We have a Cisco PIX 515E with a VPN to a vendor. There are 15 devices that need to traverse the VPN; all are on the same network. The problem is, all are fine except one. The only difference is that the one device that does not want to traverse the VPN is initiating traffic to the remote site, and the others receive traffic.

The PIX is denying the traffic for some reason and not sending it through the tunnel. Is there some statement I need to put in to allow for this?

The internal addresses are not NAT'ed locally; they are NAT'ed at the remote site, hence the nonat access list. Once again, all work fine except for the one initiating traffic locally. We are on IOS version 6.3(4).
access-list vpntraffic line 15 permit ip host 10.0.200.42 10.10.20.0 255.255.255.0
access-list nonat_dmz1 line 20 permit ip host 10.0.200.42 10.10.20.0 255.255.255.0

Question by:dktt18
Accepted Solution

by:
dktt18 earned 0 total points
ID: 22954554
Figured it out. It was the remote site's incorrectly configured access-list. Those guys kept saying it was us. Grrr!
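The post does not say which access-list at the remote site was wrong. Assuming it was the vendor's crypto (interesting-traffic) ACL, this added example (not from the original post) checks that every local crypto ACL entry has a source/destination-swapped twin on the peer. The remote ACL name `vendor_vpn` and host 10.0.200.41 are constructed sample values.

```python
import ipaddress

def parse_ace(line):
    """Parse 'access-list NAME [line N] permit|deny ip SRC DST' (PIX 6.3 syntax)."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list":
        raise ValueError(f"not an access-list entry: {line!r}")
    i = 2
    if tok[i] == "line":            # optional 'line N', as in the page's output
        i += 2
    action, proto = tok[i], tok[i + 1]
    i += 2

    def take(i):
        # An address is 'host A', 'any', or 'NETWORK MASK'.
        if tok[i] == "host":
            return ipaddress.ip_network(tok[i + 1] + "/32"), i + 2
        if tok[i] == "any":
            return ipaddress.ip_network("0.0.0.0/0"), i + 1
        return ipaddress.ip_network(f"{tok[i]}/{tok[i + 1]}"), i + 2

    src, i = take(i)
    dst, i = take(i)
    return action, proto, src, dst

def unmirrored(local_lines, remote_lines):
    """Local permit entries with no src/dst-swapped twin in the remote ACL."""
    remote = {parse_ace(l) for l in remote_lines}
    missing = []
    for l in local_lines:
        action, proto, src, dst = parse_ace(l)
        if action == "permit" and (action, proto, dst, src) not in remote:
            missing.append(l)
    return missing

# Second entry is from the page; the first (a working device) is constructed.
LOCAL = [
    "access-list vpntraffic permit ip host 10.0.200.41 10.10.20.0 255.255.255.0",
    "access-list vpntraffic line 15 permit ip host 10.0.200.42 10.10.20.0 255.255.255.0",
]
# Constructed remote-side ACL; the name 'vendor_vpn' is hypothetical.
REMOTE = [
    "access-list vendor_vpn permit ip 10.10.20.0 255.255.255.0 host 10.0.200.41",
]

if __name__ == "__main__":
    for entry in unmirrored(LOCAL, REMOTE):
        print("no mirror on peer:", entry)
```

Feed it the `show access-list` output from both ends; any line it reports is a local entry whose traffic selector the peer does not define in reverse.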