Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
309
Views
0
Helpful
3
Replies

VPN and STATIC webserver

davidcagney
Level 1
Level 1

‎06-23-2005 06:41 AM - edited ‎02-21-2020 01:50 PM

I have a PIX 501 with a VPN in operation and all works OK using the VPN client software. I want to publish an exchange based webmail service as well and have used the access-list, access-group and static commands. The webmail works OK but now none og the VPN clients can connect. (remote peer not responding). Removing the Static command re-enables the VPN but obviously web mail dissappears. I'd love a solution to this as I have a pain in the neck with this.

Thanks!

Labels:
0 Helpful
3 Replies 3

mostiguy
Level 6
Level 6

‎06-23-2005 09:36 AM

The clients are vpn'ing to the pix, or a device behind it? IPSec or PPTP vpn?

What does your access list on the outside inteface look like? What do you have for sysopt commands enabled?

0 Helpful

davidcagney
Level 1
Level 1
In response to mostiguy

‎06-23-2005 11:00 PM

The Clients are vpn'ing to the PIX over IPSEC. The VPN was setup using the wizard in the cisco PDM.

Here are the various other commands.

sysopt connection permit-ipsec.

Static (inside,outside) Ext-IP Int-IP 0 0

Access-list 101 permit tcp any host Ext-IP eq www

Access-Group 101 in interface outside

I'm sure this is very simple. it seems such a reasonalbe request. The only thing I can think of here is that the static command is causing all traffic to be redirected to the Internal IP - even vpn traffic.

Thanks!

0 Helpful

davidcagney
Level 1
Level 1
In response to davidcagney

‎06-30-2005 07:41 AM

Got it sorted.

Just used a static command with PAT specifying 80.

No access lists needed.

0 Helpful
Customers Also Viewed These Support Documents