Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
218
Views
0
Helpful
1
Replies

connect to 501 pix from private network

ctingeys8
Level 1
Level 1

‎06-11-2004 12:08 PM - edited ‎02-20-2020 11:27 PM

I have installed a 501 pix at a remote office and am using the vpn client 4.01 I can connect just fine from my dial up connection at home and can access what ever files and computers I need to However from my other office where I am in a private network behind a watchguard firewall using nat/patI can establish a connection but cannot connect to anything it appears that I am sending packets but not recieving them

any ideas would be great

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎06-11-2004 08:16 PM

The PAT that the Watchguard is doing is stopping your IPSec packets. you can enable NAT-T on the PIx so that it and the VPn client will encapsulate the IPSec packets into UDP packets, which the Watchguard sould then be able to PAT properly.

The following v6.3 command on the PIX should get you going:

isakmp nat-traversal

Make sure the "Enable Transparent Tunnelling" checkbox is enabled on the VPN client connection properties also (should be on by default).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card