Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
My client has a PIX 506E with Ver 6.3 running. Up until 3 days ago all was running. He deleted 5 lines of code concerning another area of the PIX. Mail has stopped working. I have checked the config and there is both a static mapping of an outsi...
I have configured a VPN client connection in a PIX 506. The VPN client user gets a solid connection to the pix & an IP address assignment from the pool. But he is unable to connect to any address on the local network. John G.
I have configured a PIX 501 to support a a VPNclient connection. The client reports a connection and the client stats page page reports an address from the address-pool. I only see encrypted traffic but no decrypted traffic. The PIX does have 2 ACLs...
I am forced by the ISP to configure an agressive mode VPN. I am now being told by a cisco tech that I cannot do this. I left the VPN configuration on the remote end alone...I confirmed that the remote PIX ipsec SA DOES contain the current ip addres...
Arul,The stats page & show cry ipsec sa both showed no decrypts. The clear xlate resolved the issue and I was able to ping devices on the network.The Client is up and functioning.Thank youJohn G.
I did change the subnet in the vpnpool to a completely different subnet, and added that subnet to my nat and nonat ACL's. It works and I have access to the LAN on the the inside interface. Problem solved!! Life is good.I believe that the client li...
The subnet behind the inside address is 192.168.1.0 /24. I am using a range from this subnet in my vpnpool statement for the mobile vpn clients. This seems to raise 2 questions. Should I be using a completely different subnet in my vpnpool range (...
I do not have an access-list entry for the mobile client. Here is my access-list. The #4 entry is correct, and it is on my list to clean up the naming soon.access-list vpn permit ip 192.15.100.0 255.255.255.0 192.15.111.0 255.255.255.0access-list n...
We were connecting directly attached to an ISP, so I was not being Natted. I supplied addresses in my vpnpool from the LAN on the inside interface of the PIX. Am I shooting myself in the foot? Am I better off using addresses from a separate subnet...
