
help with VPN access-list

sbantz
Level 1

I have a PIX 515 with 6.2(2)

I have created a firewall-to-firewall VPN. The remote site is having trouble getting to private IPs on our subnet.

My internal subnets are 192.168.3.0/24 and 192.168.2.0/24

The remote site has a public IP of 67.99.62.5 (fudged) and an internal IP of 107.30.128.201

So, my access-list for the VPN is:

access-list SCRIPTS permit ip 192.168.3.0 255.255.255.0 107.30.128.0 255.255.255.0

access-list SCRIPTS permit ip 192.168.2.0 255.255.255.0 107.30.128.0 255.255.255.0

Does this look correct for the access-list?

2 Replies

a.awan
Level 4

Your access list looks OK. Just make sure that you are exempting the private network to private network traffic from being NATed. You can achieve this using the following command:

nat (inside) 0 access-list SCRIPTS

I am assuming that the IPSec tunnel is up? It could be an access-list configuration problem at the remote end.

Thanks. That is the key I was missing. :) Much appreciated.
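
The reply above points at the remote end's access-list as another possible cause. Crypto ACLs on the two peers are expected to be mirror images of each other, so the following added example (not code from either poster) parses the ACL lines from the question, derives the mirrored entries the remote peer needs, and reports any that are absent. The remote ACL text and its name REMOTE_VPN are constructed for illustration.

```python
import ipaddress

# Crypto ACL from the original post (local PIX).
LOCAL_ACL = """\
access-list SCRIPTS permit ip 192.168.3.0 255.255.255.0 107.30.128.0 255.255.255.0
access-list SCRIPTS permit ip 192.168.2.0 255.255.255.0 107.30.128.0 255.255.255.0
"""

# Constructed remote-peer ACL; the name REMOTE_VPN is hypothetical and the
# 192.168.2.0/24 entry is left out on purpose to show a mismatch.
REMOTE_ACL = """\
access-list REMOTE_VPN permit ip 107.30.128.0 255.255.255.0 192.168.3.0 255.255.255.0
"""


def parse_acl(text):
    """Parse 'access-list NAME permit ip SRC MASK DST MASK' lines into a set
    of (source_network, destination_network) pairs. Other forms are skipped."""
    entries = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] != "access-list" or f[2:4] != ["permit", "ip"]:
            continue
        entries.add((ipaddress.ip_network(f"{f[4]}/{f[5]}"),
                     ipaddress.ip_network(f"{f[6]}/{f[7]}")))
    return entries


def missing_on_remote(local_text, remote_text):
    """Mirror each local entry (swap source and destination) and return the
    mirrored entries that the remote ACL does not contain."""
    mirrored = {(dst, src) for src, dst in parse_acl(local_text)}
    return sorted(mirrored - parse_acl(remote_text))


def covered(acl_text, src_ip, dst_ip):
    """True if a packet src_ip -> dst_ip matches some permit entry."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    return any(src in s and dst in d for s, d in parse_acl(acl_text))


if __name__ == "__main__":
    for src, dst in missing_on_remote(LOCAL_ACL, REMOTE_ACL):
        print(f"remote peer lacks: permit ip {src.network_address} {src.netmask} "
              f"{dst.network_address} {dst.netmask}")
    print(covered(LOCAL_ACL, "192.168.3.10", "107.30.128.201"))
```

`covered` is direction-sensitive: the local ACL matches traffic from 192.168.3.0/24 toward 107.30.128.201, not the reverse, which is why the remote peer needs its own mirrored entries.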