06-14-2004 06:11 AM - edited 03-09-2019 07:44 AM
I have a PIX 501 at home and I am trying to connect via pcanywhere to work from one of the stations on my home lan. Ever since I installed pix the pcanywhere connection can NOT be established anymore.
Do i neet to allow port TCP 5631 & UDP 5632 on the outside interface? If so, should't the connection state take care of that?
06-14-2004 07:38 AM
Do you have an access-list applied to the inside interface of the pix 501?
Are you connecting to the corp. network via a VPN connection? If not, how are you referring to the corp. network host - by name or ip address?
I don't believe that you need to allow the tcp and udp ports on the outside interface.
Examine the pix501 log entries for any messages relating to your pcAnywhere connection. Set the buffer log to error or info and post what messages you get.
06-14-2004 04:38 PM
The access-list on the inside interface is as follows: (I even tried to remove this access-list and still no luck)
access-list Outgoing line 1 permit ip 192.168.1.0 255.255.255.0 any
I don't use VPN to connect to corporate network, it is referred as the ip address. The pinging is turned off on the corporate gateway.
The following output is generated from the debbuging logs on pix:
Jun 10 18:23:20 192.168.1.1 PIX %PIX-6-305011: Built dynamic UDP translation from inside:192.168.1.2/3029 to outside:pix_outside_ip/1533
Jun 10 18:23:20 192.168.1.1 PIX %PIX-6-302015: Built outbound UDP connection 2001 for outside:corp_ip/5632 (corp_ip/5632) to inside:192.168.1.2/3029 (pix_outside_ip/1533)
Jun 10 18:23:30 192.168.1.1 PIX %PIX-7-710005: UDP request discarded from 192.168.1.2/137 to inside:192.168.1.255/netbios-ns
06-16-2004 10:05 AM
I was finally able to determine the real issue. It lays on the corporate pcanywhere host. The PCanywhere host has a cisco vpn client installed and that seem to create a problem. Other machines on the network can't ping the host but the host can ping them. The moment i uninstall vpn client everything goes back to normal operation.
Any idea why this happens?
08-12-2004 05:12 AM
The Cisco VPN Client has an "Stateful Firewall" option which can be set to "Always On". Did you check it's setting?
BC
08-12-2004 06:41 AM
I could not establish connection because The VPN client software installed on the PC anywhere host had statfull firewall setting on.
Thanks,
Wesley
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide