10-25-2002 05:10 AM - edited 02-21-2020 12:08 PM
Hello,
When I try to use my VPN Client to conect my office from a LAN (in this case a Hotel) that uses a PIX 501as their firewall it doesn't work at all (peer not responding although Internet access does work).
If I connect directly to the hotel's ADSL router Vpn works great.
Seems that the hotel's pix blocks vpn traffic, what should I change at their Pix config to allow guests use their laptop's vpn clients?
Thanks in Advance.
10-25-2002 09:45 PM
You are probably running into a IPSEC through NAT issue where the PIX is doing the nating. Are you terminating to a vpn concentrator? If so, you can do tcp over ipsec/nat transperancy etc, to get over these issues. If you are using a router or pix to terminate your vpn clients then you should just use the ADSL connection for now as they do not have those features yet.
10-28-2002 10:23 AM
I am running into the same issue with a SOHO. I cannot pass traffic through to a VPN Concentrator (Nortel Contivity 1000). Could you please tell me, or point me to a tech note that explains ipsec/nat transparency. Your help is greatly appreciated.
Thanks,
Jim
10-26-2002 09:09 AM
The PIX doesn't yet support IPSEC passthrough, unlike cheaper products from Linksys et al. I understand it is something being addressed for a future version of software. As the above message says, there is a work-around if you are using a VPN con centrator, but if your are doing standards based IPSEC to a router or to another manufacturers box (Contivity) then you are stuck for the moment.
10-28-2002 12:27 AM
Thanks for your answers,
In my case we use a router as the terminating device. I understand that succesfully connecting depends on each guest´s terminating device.
If they use a VPN concentrator it could be solved configuring this device.
If they use a router/firewall a new Pix software release is needed.
Thanks again.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide