topic Re: PIX 501 as hardware client? in Network Security https://community.cisco.com/t5/network-security/pix-501-as-hardware-client/m-p/46547#M623587 <HTML><HEAD></HEAD><BODY><P>Split Tunneling is what i was looking for. it works</P></BODY></HTML> Thu, 26 Sep 2002 15:47:26 GMT singh.andy 2002-09-26T15:47:26Z PIX 501 as hardware client? https://community.cisco.com/t5/network-security/pix-501-as-hardware-client/m-p/46546#M623580 <P>Hello, </P><P></P><P>I've been playing around with pix 501 as hw vpn client with easy vpn server. It works fine, but when vpnclient is enable i can't browse the internet. when it is disable i can browse just fine. Is this how it's suppose to be. here's the config from the pix </P><P></P><P>PIX Version 6.2(2) </P><P>nameif ethernet0 outside security0 </P><P>nameif ethernet1 inside security100 </P><P>enable password --moderator edit-- encrypted </P><P>passwd 2KFQnbNIdI.2KYOU encrypted </P><P>hostname pixfirewall </P><P>fixup protocol ftp 21 </P><P>fixup protocol http 80 </P><P>fixup protocol h323 h225 1720 </P><P>fixup protocol h323 ras 1718-1719 </P><P>fixup protocol ils 389 </P><P>fixup protocol rsh 514 </P><P>fixup protocol rtsp 554 </P><P>fixup protocol smtp 25 </P><P>fixup protocol sqlnet 1521 </P><P>fixup protocol sip 5060 </P><P>fixup protocol skinny 2000 </P><P>names </P><P>pager lines 24 </P><P>interface ethernet0 10baset </P><P>interface ethernet1 10full </P><P>mtu outside 1500 </P><P>mtu inside 1500 </P><P>ip address outside dhcp </P><P>ip address inside 192.168.x.x 255.255.255.0 </P><P>ip audit info action alarm </P><P>ip audit attack action alarm </P><P>pdm history enable </P><P>arp timeout 14400 </P><P>global (outside) 1 interface </P><P>nat (inside) 1 0.0.0.0 0.0.0.0 0 0 </P><P>conduit permit icmp any any </P><P>route outside 0.0.0.0 0.0.0.0 x.x.x.x 1 </P><P>timeout xlate 3:00:00 </P><P>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si </P><P>p 0:30:00 sip_media 0:02:00 </P><P>timeout uauth 0:05:00 absolute </P><P>aaa-server TACACS+ protocol tacacs+ </P><P>aaa-server RADIUS protocol radius </P><P>aaa-server LOCAL protocol local </P><P>no snmp-server location </P><P>no snmp-server contact </P><P>snmp-server community public </P><P>no snmp-server enable traps </P><P>floodguard enable </P><P>no sysopt route dnat </P><P>telnet timeout 5 </P><P>ssh timeout 5 </P><P>dhcpd address 192.168.x.x-192.168.x.x inside </P><P>dhcpd dns 10.x.x.x </P><P>dhcpd wins x.x.x.x </P><P>dhcpd lease 86400 </P><P>dhcpd ping_timeout 750 </P><P>dhcpd domain synopsys.com </P><P>dhcpd enable inside </P><P>vpnclient vpngroup hwclient password ******** </P><P>vpnclient username andy password ******** </P><P>vpnclient server x.x.x.x </P><P>vpnclient mode network-extension-mode </P><P>vpnclient enable </P><P>terminal width 80 </P><P>Cryptochecksum:88a0d47ec8505a9ecca869e5fd64f3f0 </P><P>: end </P><P>[OK]</P> Fri, 21 Feb 2020 06:16:07 GMT https://community.cisco.com/t5/network-security/pix-501-as-hardware-client/m-p/46546#M623580 singh.andy 2020-02-21T06:16:07Z Re: PIX 501 as hardware client? https://community.cisco.com/t5/network-security/pix-501-as-hardware-client/m-p/46547#M623587 <HTML><HEAD></HEAD><BODY><P>Split Tunneling is what i was looking for. it works</P></BODY></HTML> Thu, 26 Sep 2002 15:47:26 GMT https://community.cisco.com/t5/network-security/pix-501-as-hardware-client/m-p/46547#M623587 singh.andy 2002-09-26T15:47:26Z