09-01-2004 05:48 AM - edited 02-21-2020 01:19 PM
I have a PIX 515 with 6.2(2)
I have created a firewall-to-firewall VPN. The remote site is having trouble getting to private IPs on our subnet.
My internal subnets are 192.168.3.0/24 and 192.168.2.0/24
The remote site has a public IP of 67.99.62.5 (fudged) and an internal IP of 107.30.128.201
So, my access-list for the VPN is:
access-list SCRIPTS permit ip 192.168.3.0 255.255.255.0 107.30.128.0 255.255.255.0
access-list SCRIPTS permit ip 192.168.2.0 255.255.255.0 107.30.128.0 255.255.255.0
Does this look correct for the access-list?
09-01-2004 11:09 AM
Your access list looks OK. Just make sure that you are exempting the private network to private network traffic from being NATed. You can achieve this using the following command:
nat (inside) 0 access-list SCRIPTS
I am assuming that the IPSec tunnel is up? It could be an access-list configuration problem at the remote end.
09-01-2004 11:41 AM
Thanks. That is the key I was missing. :) Much appreciated.
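The check from the answer above, as an added example that is not part of the original thread: a Python script that reads a PIX-style configuration and lists the crypto-ACL flows that no `nat 0` access list exempts. The crypto map name VPNMAP, its sequence number and the `nat (inside) 1` line are constructed assumptions, and only plain `permit ip <net> <mask> <net> <mask>` entries are parsed.

```python
import ipaddress
import re

ACE = re.compile(r"^access-list (\S+) permit ip (\S+) (\S+) (\S+) (\S+)$")
CRYPTO = re.compile(r"^crypto map \S+ \d+ match address (\S+)$")
NAT0 = re.compile(r"^nat \(\S+\) 0 access-list (\S+)$")

# Constructed sample: ACL lines are from the thread; the crypto map name
# VPNMAP, sequence 10 and the "nat (inside) 1" line are assumptions.
BEFORE = """\
access-list SCRIPTS permit ip 192.168.3.0 255.255.255.0 107.30.128.0 255.255.255.0
access-list SCRIPTS permit ip 192.168.2.0 255.255.255.0 107.30.128.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
crypto map VPNMAP 10 match address SCRIPTS
"""
AFTER = BEFORE + "nat (inside) 0 access-list SCRIPTS\n"

def parse(config):
    """Collect ACL entries plus the ACL names used by crypto maps and nat 0."""
    acls, crypto_acls, nat0_acls = {}, set(), set()
    for line in config.splitlines():
        line = line.strip()
        if m := ACE.match(line):
            name, s, sm, d, dm = m.groups()
            src = ipaddress.ip_network(f"{s}/{sm}")
            dst = ipaddress.ip_network(f"{d}/{dm}")
            acls.setdefault(name, []).append((src, dst))
        elif m := CRYPTO.match(line):
            crypto_acls.add(m.group(1))
        elif m := NAT0.match(line):
            nat0_acls.add(m.group(1))
    return acls, crypto_acls, nat0_acls

def unexempted_flows(config):
    """Return (acl, src, dst) for crypto-ACL entries no nat 0 entry covers."""
    acls, crypto_acls, nat0_acls = parse(config)
    exempt = [e for n in nat0_acls for e in acls.get(n, [])]
    missing = []
    for name in sorted(crypto_acls):
        for src, dst in acls.get(name, []):
            covered = any(src.subnet_of(es) and dst.subnet_of(ed)
                          for es, ed in exempt)
            if not covered:
                missing.append((name, str(src), str(dst)))
    return missing

if __name__ == "__main__":
    print("before:", unexempted_flows(BEFORE))
    print("after: ", unexempted_flows(AFTER))
```

The comparison is by network containment, so a separate `nat 0` access list with broader entries also counts as covering the crypto ACL.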