About fembsen

fembsen · 12-05-2007

Hi all,I have a ASA 5510 configured for L2TP/IPSec VPN. The L2TP/IPSec VPN clients will get their address from a DHCP server on the inside network. This part works fine, the clients get an address. What they don't get is the DHCP options I specified ...

fembsen · 11-01-2007

Hi all,I am working on a site-to-site VPN but I can't get it to work properly. My VPN-endpoint is a PIX515 running OS version 6.3(3) (upgrading to 7 is no option because memory is not sufficient) and the other endpoint is a CheckPoint firewall. The c...

fembsen · 09-20-2007

Hi all, I have an ASA5510 which serves as an DHCP relay for L2TP/IPSec VPN Clients. The VPN clients connect to a CVPN3005 concentrator on one off the dmz segments on the ASA. The concentrator then does a DHCP request for the client to an DHCP server ...

fembsen · 03-28-2006

I have a PIX VPN hub and spoke configuration and I want to let the spokes communicate with eachother. In the documentation it says "The two outlying networks are not able to communicate with each other by going through the central PIX because the PIX...

fembsen · 03-28-2006

I have a PIX VPN hub and spoke configuration and I want to let the spokes communicate with eachother. In the documentation it says "The two outlying networks are not able to communicate with each other by going through the central PIX because the PIX...

fembsen · 11-09-2007

Thnx for the reply.I have configured access-lists but that didn't help. Also in the logs of the PIX i don't see any drops of packets.Any other ideas?Regards, Frank

fembsen · 09-27-2007

Thanx for the reply!However in our config the ASA only acts as a DHCP relay. It passes DHCP requests from the CVPN3005 on a DMZ interface to a DHCP server on the inside network.The vpn-addr-assign command is, as far as I know, only used when client V...

fembsen · 09-20-2007

Hi,Split tunneling opens a backdoor to your protected network via the VPN client so care must be taken.I had a similar configuration problem with 3000 series VPN concentrators. The concentrators now work as dhcprelay to an DHCP server on the inside n...

fembsen · 09-20-2007

Hi,IPSec uses the ESP IP protocol (not port) and UDP port 500 (isakmp) and might use the AH IP protocol.If you use Nat-T then you need UDP port 500 (isakmp) and UDP port 4500 (originally UDP port 10000). With Nat-T there is no need for the ESP and AH...

fembsen · 09-20-2007

Hi,Might have something to with the selected authentication protocols on the IAS server. See http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtmlAlso, you have to enable dial-in for the ...

Member Since	‎08-28-2002 02:20 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	28

User Statistics

User Activity

VPN/DHCP problem

Problem with VPN using PAT

ASA - DHCP options not passed when dhcprelay enabled

PIX VPN Hub and Spoke

PIX VPN Hub and Spoke

Re: Problem with VPN using PAT

Re: ASA - DHCP options not passed when dhcprelay enabled

Re: L2TP & Split Tunneling

Re: Concentrator 3005 ports for router

Re: Radius Passowrd error