cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
312
Views
0
Helpful
5
Replies

VPN 3002 HW client with 7940

ryan.hicks
Level 1
Level 1

Has anyone sucessfully implemented a 7900 series phone over a VPN 3002 Hardware client to a 3005 concentrator or PIX. If so how? I can only get one way audio from the 3002 side. I have tried using the 3002 in PAT and network extension mode with IP Phone Bypass turned on. I have also tried terminating the VPN on a PIX 515 with fixup skinny and h323 turned off.

5 Replies 5

ciscomoderator
Community Manager
Community Manager

Often times complex configuration/troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

travis-dennis_2
Level 7
Level 7

Did you efver get this worked out? I was thinking about doing the same thing myself.

Yes I got it to work. It only works in network exstension mode.

Can the PCs behind the 3002 get to network resource ok? I ran into an issue with having to have another router on the LAN that replaced my PIX as the default gateweay and had just a few route statements in it. One to forward all non LAN traffiic to the PIX to go out to the Internet, another to forward my VPN traffic to the inside interface of the concentrator so that the packets could make a sucessfull trip. If you like you can e-mail me and we can discuss it more tdennis@catalysttech.com

Hello,

Yes I had the same problem. It's called split tunneling. I am terminating the VPN tunnel on a 3005 concentrator and I was able to turn on split tunneling so that device traffic behind the 3002 hardware client that was not destined for an internal network through the tunnel was directed out the internet locally for the 3002.

You can do VPN split tunneling on the PIX with version

Cisco PIX Firewall Version 6.2(1)

Cisco PIX Device Manager Version 2.0(1).

The device manager has a VPN wizard that allows you to create IPsec VPN tunnels with split tunneling.

I have not tested the split tunneling on the PIX.