Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
417
Views
0
Helpful
2
Replies

Can't get traffic through router beneath PIX

meadedood
Level 1
Level 1

‎09-24-2004 06:18 PM

I can't get traffic through the router that my PIX is directly connected to. I'm using vpngroups with LOCAL authenication. I can successfully ping the 2611 router interface directly beneath my PIX, and I can also ping any device sharing the same subnet as that interace, but I can't ping any other interface on the router. Other traffic from the PIX passes normally. There are no ACLs preventing access from the VPN client pool from leaving the 2611. Am I missing something? If I do a traceroute from a VPN client the traffic times out once it pings the leading interface on the 2611.

Labels:
0 Helpful
2 Replies 2

meadedood
Level 1
Level 1

‎09-24-2004 06:19 PM

Sorry, I should have specified "VPN" traffic.

0 Helpful

ehirsel
Level 6
Level 6

‎09-26-2004 06:09 PM

Are there any other routers in your network besides the 2611?

Examine the router config with regards to route statements, and protocols, as well as route-maps and nat/pat configuration. Are you doing nat/pat on the 2611 for any type of traffic, such as non-vpn traffic, but using a route-map to bypass nat/pat for vpn traffic? Are you using static routes on the 2611?

Please run the debug ip packet on the 2611, and then have the vpn client send a packet thru it, and post the debug results here.

0 Helpful
Customers Also Viewed These Support Documents