Two remote access VPNs trouble

moconnor
Level 2

Hi,

I have just configured my PIX 515e for remote access VPNs. All seems to be going well in VPN land until today when I was testing the VPNs behind a Linksys SOHO router at one of my remote locations.

The issue is:

I start up VPN A (using Cisco VPN Client 4.6) and everything is good; I have remote LAN access and everything. I go to start up VPN B and the client just says trying to connect, and then VPN A seems to fail, saying that the remote host stopped responding.

The remote office using the Linksys is doing NAT/PAT to one DHCP public address. I have attached my config (I know split tunneling is a no-no, but I need it for one particular app).

Thanks in advance for any help!

Cheers,

Marc

1 Reply

sstudsdahl
Level 8

You need to add the command "isakmp nat-traversal" to your PIX config. The VPN client also needs to be set up to allow Transparent Tunneling with the method of IPSec over UDP (NAT/PAT).

The reason your first VPN session is working is, I suspect, that you have enabled IPSec passthrough on your Linksys router. This will allow a single IPSec session to be established through the Linksys. The configuration options above allow the PIX to detect that NAT/PAT is in use by the client and that it should start encapsulating the VPN traffic in UDP packets so that they can be passed through the NAT process on the Linksys router.
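
Added example, not part of the original reply: a simplified Python model of why one PAT address carries only a single native ESP session but several UDP-encapsulated ones. The `PatRouter` class, its passthrough behaviour and all IP addresses are constructed assumptions; UDP 4500 is the standard NAT-T port (RFC 3948).

```python
# Simplified model of a SOHO PAT router (constructed, not any vendor's code).
ESP, UDP = 50, 17          # IP protocol numbers
NAT_T_PORT = 4500          # UDP port used by IPsec NAT traversal (RFC 3948)

class PatRouter:
    def __init__(self):
        self.udp_map = {}      # public source port -> (inside ip, inside port)
        self.esp_map = {}      # remote peer ip -> inside ip ("IPSec passthrough")
        self.next_port = 40000

    def outbound(self, proto, src_ip, dst_ip, src_port=None):
        """Translate an outbound packet and record the state needed for replies."""
        if proto == UDP:
            pub = self.next_port
            self.next_port += 1
            self.udp_map[pub] = (src_ip, src_port)
            return pub
        # ESP has no port field: the only key available is the remote peer,
        # so a second inside host talking to the same peer replaces the first.
        self.esp_map[dst_ip] = src_ip
        return None

    def inbound(self, proto, src_ip, dst_port=None):
        """Return the inside host a reply is delivered to, or None if dropped."""
        if proto == UDP:
            entry = self.udp_map.get(dst_port)
            return entry[0] if entry else None
        return self.esp_map.get(src_ip)

def simulate(nat_traversal):
    """Two inside clients tunnel to one gateway; return who gets each reply."""
    router = PatRouter()
    gateway = "198.51.100.1"                       # constructed address
    clients = ["192.168.1.100", "192.168.1.101"]   # constructed addresses
    delivered = {}
    if nat_traversal:
        # Each client's UDP flow gets its own public source port.
        ports = {c: router.outbound(UDP, c, gateway, NAT_T_PORT) for c in clients}
        for c in clients:
            delivered[c] = router.inbound(UDP, gateway, ports[c])
    else:
        for c in clients:
            router.outbound(ESP, c, gateway)
        for c in clients:
            delivered[c] = router.inbound(ESP, gateway)
    return delivered
```

Each key in the returned dictionary is the client a gateway reply was meant for, and each value is the host the router actually handed it to.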