Allowing IPSEC traffic through PIX 515E


I have searched high and low for this answer and cannot find anything like this. I have a vendor that requires us to use their VPN device to connect to their network. This device is configured to ping an external server and, if there is a response, to connect to the secure server located there over the internet. If there is no response then it completes a dial backup. Only certain clients have access to the VPN device; routing is working, because if I turn the pings off the clients can access the web server successfully over the dial backup. When I turn ping back on we get a "page cannot be displayed" error (I am seeing the ping successes), meaning the IPSEC tunnel is not making it through the firewall. IAW with vendor instructions I have enabled ESP-IKE fixup protocol and created static rules for port 50 and 500.

My questions follow,

  1. What am I missing? I found references to ISAKMP NAT traversal, but in order to enable that I need to disable the ESP-IKE protocol. I only have one client on the inside of the firewall that is creating and accessing the tunnel (the users connect through this device). Everything I have found on ESP-IKE is that it should work.
  2. Is there another port I need to enable?
  3. The bottom line is I want to allow the IPSEC tunnel from the internal device to pass through the firewall untouched.

I do not have access at all to the vendor device.

rules

static (inside,outside) udp interface isakmp isakmp netmask 0 0
static (inside,outside) tcp interface 500 500 netmask 0 0
static (inside,outside) tcp interface 50 50 netmask 0 0

map

PIX 515E
   |
   |
Switch
   |
   |
Vendor Device (cisco 1711)

Thanks in advance for all your help.

John


Here is a sample for configuring PIX to allow IPSec thru.

You only need to permit ESP protocol and udp 500 port (ISAKMP) from outside.
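
Added example, not part of the thread: ESP is IP protocol 50 (it has no TCP or UDP ports) and ISAKMP/IKE runs over UDP port 500, with NAT traversal on UDP 4500. The Python sketch below checks PIX `static` port-redirect lines, such as the ones quoted in the question, against those facts; the function names and verdict labels are made up for this illustration.

```python
# Added example: classify PIX "static" port redirects against what IPsec actually uses.
IKE_PORT, NATT_PORT, ESP_PROTO = 500, 4500, 50   # UDP 500, UDP 4500, IP protocol 50
PORT_NAMES = {"isakmp": IKE_PORT}                # PIX keyword used in the question

# Constructed sample: the three static lines as quoted in the question.
SAMPLE_RULES = """\
static (inside,outside) udp interface isakmp isakmp netmask 0 0
static (inside,outside) tcp interface 500 500 netmask 0 0
static (inside,outside) tcp interface 50 50 netmask 0 0
"""

def to_port(token):
    """Map a port keyword or number to an int; None if unrecognised."""
    if token in PORT_NAMES:
        return PORT_NAMES[token]
    return int(token) if token.isdigit() else None

def parse_static(line):
    """Return (transport, outside_port) for a 'static ... interface' redirect, else None."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "static" or tok[3] != "interface":
        return None
    if tok[2] not in ("tcp", "udp") or "netmask" not in tok:
        return None
    port = to_port(tok[4])          # first field after 'interface' is the outside port
    return (tok[2], port) if port is not None else None

def classify(transport, port):
    """Label one redirect by how it relates to IKE, NAT-T and ESP."""
    if port == IKE_PORT:
        return "IKE_OK" if transport == "udp" else "IKE_WRONG_TRANSPORT"
    if port == NATT_PORT and transport == "udp":
        return "NATT_OK"
    if port == ESP_PROTO:
        # ESP has no TCP/UDP ports, so a port redirect on 50 never matches it.
        return "ESP_IS_A_PROTOCOL_NOT_A_PORT"
    return "UNRELATED"

def audit(config_text):
    """Return (verdict, line) for every static port redirect found in the text."""
    results = []
    for line in config_text.splitlines():
        parsed = parse_static(line.strip())
        if parsed:
            results.append((classify(*parsed), line.strip()))
    return results

if __name__ == "__main__":
    for verdict, line in audit(SAMPLE_RULES):
        print(f"{verdict:30} {line}")
```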
