Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I am getting an error when trying to use a safenet vpn client to an external GNAT box.My PIX shows "portmap translation creation failed for protocol 50 src inside (client pc IP) dst outside (GNAT Box IP)"Having read a little about it I seem to...
Hi all,If I had the following situation what sort of problems should I look out for?Router|100.100.100.1 /30||100.100.100.2 /30PIX|10.0.2.1 /16||10.0.0.2 /16ServerI have:nat (inside) 1 10.0.0.2 255.255.255.255global (outside) 1 interfacestatic (insid...
Hi,I was wondering if anyone can answer these questions for me? I have a 515 with a web and ftp server running on the dmz interface. The internal network is 10.0.x.x and the dmz server is 172.16.0.2My questions are:1-Is there anything special I wou...
Hi all,Does anyone know of any issues with using Win98 and WinME to vpn into a pix? I have XP and 2K connecting and working fine but whenever I use 98 or ME the tunnel just sits there stating "Contacting the security gateway" and eventually times ou...
Hi all,Just a quick one - can anyone tell me the max vpn connections the 506e can take with latest software. I have found the 501 was changed to 10 from 5 and I was pretty sure my 506e was now showing unlimited but I can't find confirmation on the w...
Hi,thanks for explaining that in a way I could understand it!If I use a static - did you mean to map the safenet client machine to the legal ip of the gnat endpoint or to a free ip in my range?If I map it to the gnat endpoint wouldn't it lose interne...
I have to agree I think something like:access-list inbound permit esp any host x.x.x.xaccess-list inbound permit udp any host x.x.x.x eq isakmpwhere x.x.x.x is the external ip of the pix.How about also "isakmp nat-traversal" command as well? It migh...
Hi,thanks for the reply.I was trying to get vpn inbound from outside rather than from the inside out through the pix (but then that does help with another issue I have so thanks!)I found my problem in the end, the isp I was using to test with appear ...
Hi,Sorry if I missed the global it is:nat (inside) 1 10.0.0.0 255.255.0.0global (outside) 1 interfacenat (dmz) 2 172.16.0.0 255.255.255.0global (outside) 2 1.1.1.4If thats what you mean - they are just there to give the inside and dmz internet access...
