06-02-2004 10:08 AM
Hi
I've got a PIX 501 at a remote site and a PIX535 at the head site. I can connect to the Head pix from the remote site using the Cisco VPN Client 4.0.4, yet I cannot communicate with anything. In the past I would create a static translation from the Inside VPN client to an Outside IP address. Is there any other way of doing this so that I don't have to create a static translation for each host who wants to use the vpn client? Thanks very much.
06-02-2004 12:10 PM
Hi,
Make sure you have 6.3+ on PIX 535 with "isakmp nat-t" command in the PIX.
Thanks
06-03-2004 04:40 AM
Hi,
I've enabled 'isakmp nat-t' on the head pix, but I still cannot communicate with anything through the tunnel. I can connect, but can't reach anything. If I put myself outside the pix501 or make a static translation, then everything works fine. Any ideas? Thanks
06-03-2004 04:59 AM
When you created the static, was that done on the pix at the remote site? Is the head-end pix assigning ip addresses to remote vpn users?
Your issue may be due to the fact that the inside addresses are being nat'ed across the vpn connection when they should not be, particularly if your vpn connection uses the same dns service that non-vpn users use. The dns is unaware of the nat process.