Remote Access VPN

Lharrypersaud
Level 1

I have a PIX 515 configured for remote access VPN and it's working fine. I have a workstation connected to another subnet of the network. The workstation is using VPN client software. When I connect this workstation to a Linksys router using the VPN client software it works fine, but when I do the same thing using a PIX 501 instead of the Linksys it never works. I think I need to open some ports on the PIX 501 to let incoming VPN traffic in, but I am not sure which ones to open. Can someone please help me with this?

Thanks for any help

2 Replies

paddyxdoyle
Level 6

Hi,

The following command permits IPSEC protocols on a PIX from all sources; this saves you having to add specific access lists containing the IPSEC ports:

sysopt connection permit-ipsec

However, if you do want to add access lists permitting IPSEC from a specific source and not use sysopt connection permit-ipsec, then you need to allow ESP and UDP 500 from the external IPSEC gateway address.

HTH

Paddy

Lharrypersaud
Level 1

I tried the sysopt connection permit-ipsec and it did not work. I also cannot ping any hosts at the head office site through the VPN even though I have the following: access-list outside_acl permit icmp any any echo-reply, and this access list is added to the outside interface using the access-group command. Can you guys think of anything else that could be causing this not to work?

Thanks again