1. Home
  2. Cisco Systems
  3. VPN Client to PIX1 from home OK - VPN Client to PIX1 Fails from behind PIX2 firewall

VPN Client to PIX1 from home OK - VPN Client to PIX1 Fails from behind PIX2 firewall

This is likely easy. I have a PIX (PIX 1) set up at a customer site to accept a VPN client connection - no auethication except for local.

From behind by Linksys Router at home, I can run the VPN client and

have no issue. I can ping, telnet and RDP to anything behind PIX 1.

When I run the VPN client from work - behind a PX 515 ( call it PIX 2) . The VPN client connects and I get an IP address - but I cannot ping or reach any IP address behind PIX 1 (at the customer site)

Both firewalls have sysopt permit connection ipsec and nat-traversal 20 command issued on them.

Any thoughts?

PJC

Reply to
PJC
Loading thread data ...

i have the same problem with FWSM3.1 protocol 50 answer packets are blocked. at pix you can try fixup protocol esp-ike

but what to do at FWSM??

d.k.

"PJC" schrieb im Newsbeitrag news: snipped-for-privacy@j72g2000cwa.googlegroups.com...

Reply to
D K

On the FWSM's you can do the inspects.

Reply to
Brian V

My issue mysteriously resolved itself after a reboot of each device.

But - pard> >i have the same problem with FWSM3.1

Reply to
PJC

Fire Wall Services Module, goes in the 6500's and 7600's.

Reply to
Brian V

"Brian V" schrieb im Newsbeitrag news:2vSdnUV3r8bHw-3YnZ2dnUVZ snipped-for-privacy@comcast.com...

Hello Brian, how? FWSM/9/act(config-pmap-c)# inspect ? mpf-policy-map-class mode commands/options: ctiqbe dns esmtp ftp gtp h323 http icmp ils mgcp netbios pptp rsh rtsp sip skinny smtp snmp sqlnet sunrpc tftp xdmcp ???

Reply to
D K

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.