1. Home
  2. Cisco Systems
  3. Cisco VPN Client to PIX 506

Cisco VPN Client to PIX 506

Have a situation where we are trying to allow a client to access our internal network using the Cisco VPN client (4.05 and 4.06) through a PIX

506. We have successfully tested this from 3 seperate locations, however the client cannot access the internal network. I can see them successfully authenticate, but then nothing. Since we can get this to work from other locations, I think we have the PIX setup correctly. I am not blocking anything by source address. Any pointers on what I can look for and what commands to utilize? Thanks in advance for any help.

Dave

Reply to
Comnet
Loading thread data ...

In article , Comnet wrote: :Have a situation where we are trying to allow a client to access our :internal network using the Cisco VPN client (4.05 and 4.06) through a PIX :506. We have successfully tested this from 3 seperate locations, however :the client cannot access the internal network. I can see them successfully :authenticate, but then nothing. Since we can get this to work from other :locations, I think we have the PIX setup correctly.

Are exactly the same client versions and Windows OS versions and patchlevel in use between successful and unsuccessful?

The VPN client has had... quality control issues... and has been a bit problematic for several releases, especially with respect to XP with SP2.

Reply to
Walter Roberson

Through my own experience I've have found that changing the IP subnet of the external client will resolve the issue. For example, if your subnet is 192.168.1.x then you may want to try to have the external use change their network to read 192.168.1.y.

I've been told that this happens because the PIX will think that the external client is trying a spoof attack.

Reply to
floydkelley

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.