PIX 6.2 to Cisco Router 2821 12.3t vpn tunnel

jabath
Level 1

Pix to router vpn connection

We created an IPsec VPN tunnel using a preshared key between the router and PIX box. The IPsec tunnel gets established, but only some of the traffic can flow if initiated by the PIX source networks.

We have ten rules listed in the ACL. We have compared them and checked the masking, since it is inverted for the router ACL. If someone behind the PIX box generates a ping from an ACL-defined subnet, the router recipient networks can suddenly "see" all nodes in the PIX-protected network.

The initial request for connection seems to have to come from behind the PIX box. The connection will work for a period of time and cannot be initiated from networks behind the router. The show crypto sessions (router) do not show the session until it is established by an end user ping behind the PIX unit. The PIX box also supports VPN client users.

Thanks,

Jim
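
The comparison described in the post above (PIX ACL entries use subnet masks, router ACL entries use wildcard masks, and each side's crypto ACL should mirror the other's) can be done mechanically. This is an added example, not part of the original thread; the ACL lines are constructed sample data, the function names are hypothetical, and only `permit ip <net> <mask> <net> <mask>` entries are handled.

```python
import ipaddress
import re

# Source/destination part of an extended "permit ip" entry (no host/any keywords).
ENTRY = re.compile(r"permit\s+ip\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")

def _net(addr, mask, wildcard):
    """Build a network from an address and a subnet mask (PIX) or wildcard (router)."""
    m = int(ipaddress.IPv4Address(mask))
    if wildcard:
        m ^= 0xFFFFFFFF                      # router wildcard -> subnet mask
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous or wrong-style mask: {mask}")
    return ipaddress.IPv4Network((addr, prefix), strict=False)

def parse_acl(text, wildcard):
    """Return the set of (source, destination) networks in the permit ip lines."""
    pairs = set()
    for line in text.splitlines():
        hit = ENTRY.search(line)
        if hit:
            a, am, b, bm = hit.groups()
            pairs.add((_net(a, am, wildcard), _net(b, bm, wildcard)))
    return pairs

def mirror_gaps(pix_acl, router_acl):
    """Return entries on either side that have no mirrored entry on the peer."""
    pix = parse_acl(pix_acl, wildcard=False)
    mirrored = {(dst, src) for src, dst in parse_acl(router_acl, wildcard=True)}
    return {
        "pix_only": sorted(pix - mirrored),
        "router_only": sorted((d, s) for s, d in mirrored - pix),
    }

# Constructed sample ACLs: the second router entry uses 0.0.1.255 (a /23).
PIX_ACL = """\
access-list 101 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list 101 permit ip 10.1.2.0 255.255.255.0 10.2.2.0 255.255.255.0
"""
ROUTER_ACL = """\
access-list 101 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 permit ip 10.2.2.0 0.0.0.255 10.1.2.0 0.0.1.255
"""

if __name__ == "__main__":
    for side, entries in mirror_gaps(PIX_ACL, ROUTER_ACL).items():
        for src, dst in entries:
            print(f"{side}: {src} -> {dst} has no mirror on the peer")
```
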

1 Reply

didyap
Level 6

The document Configuring IPSec - Router to PIX can help in solving the problem you are facing.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094498.shtml