Pix behind IOS Router

gregor.marell-wigge · ‎04-07-2005

Hi everybody,

i have a problem with a pix behind an ios router.

when i try to connezt from my vpn-client i get an 412 error (remote peer is no longer responding), than i do a ping from pix to the intern (with a destination that answers), and then i try the connect again and now it works fine.

after a couple of minutes the problem reocours.

anyone have knows the solution ??

i have attached the config of both the router and the pix.

regards

gregor

b.hsu · ‎04-12-2005

I think you have PAT or NAT on your router. try issuing the command isakmp nat-traversal on pix.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1027312

If no luck, please try the following; on the host with the vpn client software:

-Go to the following directory: C:\Program Files\Cisco Systems\VPN Client\Profiles.

-Open the .pcf file that represents the connection in question.

-Find "ForceKeepAlives=0", and change the value to 1. If you can't find that line, put in

"ForceKeepAlives=1", and the vpn client will respond to that syntax.

-Save the file.

gregor.marell-wigge · ‎04-13-2005

Hi Brian,

in the first thanks for your reply.

I tried this on my workstations and it works in the moment.

But i have to check if my customer make changes on the pix or the route.

I have the same problem with a router to pix and a pix to pix tunnel. where do i the settings on the router or the pix ?

thanks

gregor