Cisco PIX and RSA passthru - What ports need opening

Hi I am trying to implement RSA in our AD environment and am not having much joy getting the system to authenticate or more to the point see the vpn over the net First of all on the LAN I can use the secure token to authenticate so I know I have the RSA server and the RRAS server working, at least on the inside The lowdown is RRAS server has 2 NIC's one in the DMZ and one on the Inside I have mapped on the PIX an outside address to (abc is not the real domain just an example) I have created a named interface in the DMZ called PEWVP01-External pointing the DMZ IP address of the RRAS server ( using a static nat to the real world IP for This interface also has a static route configured to go out of the interface which is the Ethernet interface configured on the PIX

Some questions are;

  1. What ports, if any do I need to open up on the PIX to make RSA work?
  2. What routes if any do I need to configure?
  3. Do I need to create an inside interface for the RRAS server on the PIX?

Any suggestions would be most welcome, any configs required please let me know

Regards Scott

Reply to
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.