VPN between pix and Symantec firewall

ciscoblood
Level 1

Are there any potential issues configuring a VPN session between a PIX and a Symantec firewall?

On the Symantec webpage I do see that if either one or both ends are undergoing NAT, then the VPN negotiation doesn't take place. To get over this, they have asked to configure the Cisco box with the command,

isakmp identity key-id <phase 1 id>

Are there any other things to be noted, or taken care of?

Can I configure the PIX to be an Easy VPN client, while making the Symantec box push the configs to the PIX?

1 Reply

drolemc
Level 6

Yes, the PIX firewall can be used as an Easy VPN client or, more accurately, as a 'Cisco Easy VPN Remote'. However, you might have an issue with using the PIX as an Easy VPN client with the 'isakmp identity key-id' command configured on it. To quote the documentation I came across, "if the VPN client feature is enabled on the firewall, the vpnclient group name takes precedence over the isakmp identity key-id setting, and the firewall sends vpnclient group name as the key-id". Thus, on the PIX configured as an Easy VPN client, the 'isakmp identity key-id' command will not send the specified key_id_string, and this might cause problems in your setup.
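The precedence rule quoted in the reply above can be checked against a saved configuration before the tunnel is brought up. The following is an added example, not part of the original thread or Cisco's documentation: a small Python check that reports which Phase 1 ID the PIX would actually send. The `vpnclient vpngroup ... password ...` and `vpnclient enable` command forms are assumed from PIX 6.x syntax, and the sample configuration and its names are constructed.

```python
import re

# Constructed sample PIX configuration (names and key are placeholders).
SAMPLE_CONFIG = """\
isakmp identity key-id branch-office-01
vpnclient vpngroup EZVPN-GROUP password EXAMPLE-PSK
vpnclient enable
"""

def effective_phase1_id(config: str) -> dict:
    """Return the key-id the PIX sends in IKE Phase 1, applying the rule
    that the vpnclient group name overrides 'isakmp identity key-id'
    whenever the VPN client feature is enabled."""
    key_id = group = None
    vpnclient_enabled = False
    for raw in config.splitlines():
        line = raw.strip()
        # Skip blanks, PIX comment lines and negated ("no ...") commands.
        if not line or line[0] in "!:" or line.startswith("no "):
            continue
        m = re.fullmatch(r"isakmp identity key-id\s+(\S+)", line)
        if m:
            key_id = m.group(1)
            continue
        m = re.fullmatch(r"vpnclient vpngroup\s+(\S+)\s+password\s+\S+", line)
        if m:
            group = m.group(1)
            continue
        if line == "vpnclient enable":
            vpnclient_enabled = True
    if vpnclient_enabled and group is not None:
        sent = group          # group name takes precedence
    else:
        sent = key_id         # None means identity is not a key-id
    return {
        "configured_key_id": key_id,
        "vpnclient_group": group,
        "sent_id": sent,
        # True when the peer will see an ID other than the configured key-id.
        "overridden": key_id is not None and sent != key_id,
    }

if __name__ == "__main__":
    print(effective_phase1_id(SAMPLE_CONFIG))
```

If `overridden` is true, the ID expected on the Symantec side has to match the vpnclient group name rather than the configured key-id string.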