Re: Acces from lan to remote PIX

radayraday · ‎04-14-2005

Helo¡

We have a Cisco PIX Firewall 6.3, and we have configured VPN for a remote user. All runs OK.

One provaider (ACIDCHEM), have a http server in her LAN, and distribute "Cisco VPN client" for acces at her http services.

We configure this client in one terminal of our LAN but can´t conect ACIDCHEM VPN-Firewall across our PIX. Out of our LAN, the client can connect, and we hope that we can configure our PIX for any Lan VPN client can connect internet VPN.

sachinraja · ‎04-16-2005

hello

are there any ACLs on the inside interface of your PIX... am actually not able to get the exact scenario.. are you able to connect on VPN to the PIX ? if yes, after connecting, are u able to access the server ? can u pls give ur scenario in a detailed note ?

user - pix - router ----- router - pix - server

is this the way it is setup ?? pls let us know

Raj

radayraday · ‎04-18-2005

This is the scenario:

CONNECT:

home user (ADSL) ----- router - pix - server

CAN´T CONNECT:

user - pix - router ----- router - pix - server

If in this scenario change "cisco VPN client" for "HP VPN client" we can connect, but Hp client will be dissable 30 april.

sachinraja · ‎04-18-2005

hi raday,

referring to ur scenario:

user- PIX1- router--- router - PIX 2-server

Are there any ACL's on PIX 1 inside interface ? if so, you need to allow UDP 500, UDP 4500, IP 50 & 51 for IPSEC client access to PIX 2....

You need to add "isakmp nat-traversal 20" command on your PIX 2 and try if it is working

do this and let us know

Raj