03-11-2007 05:12 PM - edited 03-09-2019 05:34 PM
I have two pix firewalls a 515E and a 506E there is another router that I have no access to. I have tried using the VPN wizard to connect the two site and they will not connect. I have had a connection to the other router and connection to a vigor router.
Here is the config from both routers
03-12-2007 07:19 AM
You don't have nat exemption on sevenoaks pix.
nat (inside) 0 access-list no-nat
access-list no-nat permit ip 192.168.20.0 255.255.255.0 172.17.121.0 255.255.255.0
03-12-2007 07:44 AM
Hi,
However needless to say, but the commands go in the reverse order i.e. you configure teh access-list first and then the nat command.
HTH,
Please rate if it helps.
Regards,
Kamal
03-12-2007 07:53 AM
ya, thanks Kamal
03-14-2007 07:15 AM
Did this fix it?
03-15-2007 05:04 AM
I have wiped the config and I am trying this on a different box here are the configurations.
I cannot add the line
nat (inside) 0 access-list no-nat
The tunnels do not even try to establish. Has anyone got a pix to pix work using the wizards.
Is there any documentation for 6.3(5) for site to site pix.
03-15-2007 06:29 AM
Just a quick look, it seems you are trying to add "no-nat" when your acl is "nonat".
Try it without the "-". Just looked more closely, you already have inside_nat0_outbound, you do not need to add another nat 0.
03-15-2007 07:22 AM
This was created by the wizard.
I have tried many thing before accessing the site. has anyone got the configuration files that work on two pix's so I can replace them with my ip adress. It would be a hell of a lot easier to do this than just addeding a line at a time.
sorry for being a bit blunt.
03-15-2007 08:34 AM
The configs look fine, you will need to do some logging.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide