IP-in-IP Tunnelling through PIX-515E OS 7.0(4)

scheikhnajib
Level 1

Hi,

I have a problem where one of my clients is trying to establish an IP-in-IP tunnel using a Linux service. One of his servers is sitting in my network behind a PIX 515E running OS 7.0(4) and the other is sitting in another data center.

He is claiming that my firewall is blocking his configuration and he had that scenario running with other ISPs.

He said that my firewall is "scrambling" the TCP sequence numbers, so I went and changed his static NAT statements to include a "norandomise" option but he said it is still the same.

The problem is that I don't know anything about the service that he is running, I have opened everything in and out for him but he is claiming that it is still not working.

Any ideas about this tunneling service, what should I do assuming that the PIX is the problem?

Thanks.

Salem.

1 Reply

Patrick Laidlaw
Level 4

Salem,

Most of my experience with someone tunneling inside a VPN tunnel has not been with the TCP randomizing, which shouldn't be happening through the VPN tunnel. It usually has to do with the MTU sizes of their secondary tunnel not being set right.

But if he can provide you with some packet captures from both sides of the traffic we could help look into it.

Patrick