Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
239
Views
0
Helpful
2
Replies

Vpn problem with Vpnconcentrator and Pix

marco
Level 1
Level 1

‎10-06-2004 07:07 AM - edited ‎02-21-2020 01:22 PM

Hello,

I've a problem with a VPN connection established with a VPN concentrator and a Pix.

The VPN concentrator is a 3005 with 4.1.4 software version.

The Pix is a 501 with 6.3.4 software version.

The Pix is configured as a VPN client with Network Extension Mode(it's behind a non-manageable router) and NAT-T is enabled in the VPN concentrator.

The VPN tunnel is successfully established by the Pix.

There is however a problem: if I monitor the VPN session on the VPN conc side, the "Assigned IP address" (menu Monitoring -> Sessions) stay "N/A" for about ten hours. Then, it takes the value of the private network of the LAN inside the Pix. Moreover, when it's "N/A" , I can only ping the pix via the vpn conc and vice versa. No other machines on the LAN behind the vpnconc can reach the machines on the pix protected lan (and vice versa). When the value "Assigned IP Address" becomes the ip address of the private pix protected LAN, all works perfectly. It seems like that in the first phase, the VPN Concentrator doesn't know what is the subnet of the remote LAN.

But I cannot explain why there is that delay...

Thanks for your precious attention.

Labels:
0 Helpful
2 Replies 2

smalkeric
Level 6
Level 6

‎10-12-2004 11:52 AM

Try adding a Static route on the concentrator to the PIX.

0 Helpful

marco
Level 1
Level 1
In response to smalkeric

‎10-25-2004 06:01 AM

Sorry, but what next hop must I specify?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents