<div>
Need to ask another question
</div>


<div>
<div class="content wysiwyg-content">
I have a Pix that maintains two vpns to other companies. The traffic accross the vpn's are for the 10.246.x.x, 10.248.x.x, 10.250.x.x, 10.64.x.x, and 10.102.x.x subnets. Now I have a workstation behind the pix that is going to use the Cisco VPN client to connect to another company. The vpn is for the 10.254.13.0 subnet. The vpn client succresfully connects. However, I then launch a secure FTP client but it never connects to the ftp server across the vpn. I can't ping anything across the vpn on the workstation. I have this statement on the Pix for the other vpns:<br />
access-list nonat permit ip 192.168.230.0 255.255.255.0 10.0.0.0 255.0.0.0<br />
<br />
Could this statement be preventing the desktop's vpn from passing traffic correctly?<br />
<a href="https://filedb.experts-exchange.com/incoming/2009/05_w21/140427/pix.txt" target="_blank" class="file-inline" title="Cisco VPN Client through Pix (2 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>pix.txt</a>
</div>
</div>


pix.txt

I have a Pix that maintains two vpns to other companies. The traffic accross the vpn's are for the 10.246.x.x, 10.248.x.x, 10.250.x.x, 10.64.x.x, and 10.102.x.x subnets. Now I have a workstation behind the pix that is going to use the Cisco VPN client to connect to another company. The vpn is for the 10.254.13.0 subnet. The vpn client succresfully connects. However, I then launch a secure FTP client but it never connects to the ftp server across the vpn. I can't ping anything across the vpn on the workstation. I have this statement on the Pix for the other vpns:
access-list nonat permit ip 192.168.230.0 255.255.255.0 10.0.0.0 255.0.0.0

Could this statement be preventing the desktop's vpn from passing traffic correctly?

Client VPN through Pix Firewall

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).