Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
316
Views
0
Helpful
3
Replies

VPN connection through 515E

marcgijsman
Level 1
Level 1

‎08-05-2004 06:17 AM - edited ‎02-21-2020 01:16 PM

Hi All,

We are trying to make a vpn connection with a Cisco vpn client from a workstation within our network through our 515E to a remote network also protected by a cisco firewall. When we start the vpn client the connection gets build ok but we get no data traffic from the remote network. When we build the connection through a dialup connection we do have data traffic both ways. I think our firewall is refusing incoming traffic. How can we check this and resolve it.

Thanks for your help.

Marc Gijsman

Labels:
0 Helpful
3 Replies 3

mike-greene
Level 4
Level 4

‎08-05-2004 07:12 AM

Hi,

If you turn on logging on the PIX I think you'll find that the PIX is blocking ESP from the remote side peer address.

The only way I've got around this is to open ESP and IKE from the remote side peer addrress on your outside ACL.

Hope that helps.

0 Helpful

agoodwin
Level 1
Level 1
In response to mike-greene

‎08-06-2004 04:53 AM

I have to agree I think something like:

access-list inbound permit esp any host x.x.x.x

access-list inbound permit udp any host x.x.x.x eq isakmp

where x.x.x.x is the external ip of the pix.

How about also "isakmp nat-traversal" command as well? It might be worth looking at.

cheers

Andy

0 Helpful

mike-greene
Level 4
Level 4
In response to agoodwin

‎08-06-2004 05:24 AM

Hi,

That could possibly work also.

0 Helpful
Customers Also Viewed These Support Documents