Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
345
Views
0
Helpful
1
Replies

Software VPN from behind a VPN concentrator

joe
Level 1
Level 1

‎10-04-2007 11:08 AM - edited ‎02-21-2020 03:18 PM

Hi -

I have a network with a 3005 concentrator and PIX 515 in parallel. Thre is a router on the public side of the PIX/3305 that also connects to my ISP. There is another oruter in front of the PIX/3305 that acts as my internal network default gateway and directs LAN-to LAN traffic to the 3005. my problem is when I try to use a software VPN (to a totally seperate network) from the internal network, I cannot connect. If I capture traffic to the other network on my PIX, it fails as follows: 192.168.x.x > 216.x.x.x icmp: 192.168.x.x UDP port 500 unreachable. I am allowing udp 500 traffic through an ACL, so i don't understand why this is happening. Is the ISAKMP traffic going out the concentrator? Can I prevent this? Any help is appreciated!!!

Labels:
0 Helpful
1 Reply 1

ivillegas
Level 6
Level 6

‎10-11-2007 06:21 AM

First make sure you are able to reach the destination network to which you are trying to establish Software VPN, using ping . Allow ICMP traffic to get through and test this and then check if tunnel is getting established. There might be also Nating issues. Check for this.

0 Helpful
Customers Also Viewed These Support Documents