Change VPN transport on PIX 501

Hello all,

I've got a question. Now I'm using a PIX 501 to access a local network from remote. I use UDP transport. I've added the nat-traversal option because my home provider uses NAT to get me out from the MAN.

I've got a problem accessing the VPN from another customer. While a firewall blocks all connections to the outside, the VPN is not working.

The VPN seems to be connected but de facto is not working. Cannot route outside to the remote LAN. Maybe due to some blocked ports.

So, if I change the VPN transport and set it to TCP on port 80 (80 for example, but I know this port is open), can it work? How can I do it?

Can I have some problem with nat-traversal option?

Thanks Stefano

Reply to
Ste

I am not certain if I understand correctly what you are doing.

It is not possible on the PIX 501 to access from outside to the PIX 501 and have the PIX 501 send your packets to the outside again.

For example, you cannot do this:

#1 === vpn === PIX #2 === vpn ===

where #1 and #2 are both outside the PIX.

You can have more than one VPN connecting to the PIX 501, but those VPNs cannot talk to each other through the PIX 501.

Reply to
Walter Roberson

No, simply

My remote Internet side has some TCP/UDP ports closed. So when I connect to the PIX 501 for VPN using UDP transport I cannot access the remote network.

So I want to move from UDP transport to TCP transport on a fixed port.

Is it possible?

Stefano

Reply to
Ste

Sorry, No.

If you were using a VPN3000 series instead of a PIX, then you could configure that to use TCP 10000, but the PIX does not support that.

You mentioned that you are using nat traversal. The only ports you need for that are UDP 500 and UDP 4500. Perhaps you could arrange to get those ports opened on the firewall?

Reply to
Walter Roberson

Not possible... and using a proxy? A SOCKS server? Anything similar?

Stefano

Reply to
Ste

I'm trying now.

The VPN Client connects and goes to the taskbar.

If I try to open a telnet on the remote side it fails. On the statistics window of the VPN Client I get this data:

Transparent Tunneling: Inactive
Local LAN: Disabled
Compression: NONE
Bytes Received: 0
Bytes Sent: 156
Packets Encrypted: 3
Packets Decrypted: 0
Packets Discarded: 3
Packets Bypassed: 350 (and this now continues to grow every second)

So maybe some closed ports keep me from routing?

Thanks Stefano

Reply to
Ste
[Sorry, misconfigured newsreader. The above email address is no longer operational.]
Reply to
Walter Roberson
