10-04-2010 08:21 PM
i have recently re-configured two pix 501 units after being forced into an ip change by a service provider, after performing the reconfiguration on the units i no longer can access my exchange server by url, but i can access it by static ip, i also can no longer access the exchange server via blackberry. now the vpn itself works fine no problems at all but using our vpn client software(shrewsoft) i can connect to the vpn both internally and externally but cannot browse the topology of the vpn, when i check the ipconfig on the client machines i receive an ip and subnet but do not get a gateway address, any help would be greatly appreciated! i am new to these pix units and i am stuck at this point
10-04-2010 08:51 PM
Hi James,
When using the vpn client software, in the ipconfig output if you do not get a gateway address assiciated with the pool (new private ip address assigned by vpn server), it is normal. Now i think what happened is that, after you changed the ip address, the dns name-ip mapping is still pointing to your old ip address, and thereby you are not able to browse using names, (but it works with static ip address as you have said).
--To check this, do a nslookup at the machine on which you have the vpn client, for the name of the exchange server, and see if the name resloves to the new ip address. If not then you need to check your internal dns server and correct the dns name-ip mapping.
Let me know if this helps,
Cheers,
Rudresh V
10-05-2010 10:22 AM
rudresh once i connect with the vpn software and do a nslookup it resolves to the actually server using the local ip of 172.20.20.254, but the actually static ip itself is assigned to the pix, i am still having issues, any suggestions?
10-06-2010 05:06 AM
Hi James,
This would need more analysis, can you please paste the running connfig of the PIX (make sure you mask or remove the actual ip addresses), and in the config please point the interface ip which was replaced by a new ip. Analyzing the config would help me narrow down the issue.
Cheers,
Rudresh V
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: