Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm trying to set up a branch office VPN. I'm using a PIX-506e, my peer is a PIX-515. I've attached my (sanitized) configuration, and there's an equivalent one in the 515.Network setup:BO1 Inside: 192.168.0.0BO2 Inside: 130.45.14.0We cannot establi...
I'm trying to get VPN remote access working. I used the example in http://cisco.com/en/US/docs/security/pix/pix63/configuration/guide/basclnt.html#wp1076294as a template; my resulting config file is attached, as is my client profile. When I try to at...
I've got the following scenario: internal LAN at 192.168.0.x, connected to inside port of 506e. Outside port connected to cable router (SMC 8014). Cable router supplies address to 506e (10.1.10.x).I've specified address pools as PAT using the assig...
I'm setting up a 506e for the first time. I want to change the inside IP address to 192.168.0.1 (DHCP server disabled), but PIX complains that address is not in DHCP pool. I can't change pool without conflict with network address.Why won't PIX allo...
Thanks, I appreciate your help.One question though: I think my problem is that the PIXs are/can not form a SA. I can see how the change you suggested would affect routing traffic through the tunnel once formed, but my problem is that I can't get a t...
Thanks - this was very helpful.I had to add:fixup protocol pptp 1723Now it's working just like before.Thanks again for your help. I can't say that the command reference is intuitive, so your advice really helped.Regards,dpm
OK, let's consider falling back to Microsoft RAS.With my old router I just specified port forwarding to point connection requests on a specific port to a specific internal IP address. May I assume that this can also be done with the PIX? And if so...
You got it. My mail server is at an internet address."There is an option in pix/asa version 7 which allows you to bounce vpn client internet traffic off the outside interface of the firewall, so in that case the traffic would be encrypted as far as ...
"If you are concerned about security you should not use split tunnel and should disconnect from the vpn when you want to use the internet."Well, I'm confused: I *AM* concerned with security, that's why I'm using a VPN. If I could trust the local net...
