VPN client 'behind' a PIX?

jmx2020 · ‎11-09-2003

I have a PIX515E firewall and a business partner has asked us to allow a couple users on our network to access his site via the Cisco VPN client.

I've created a static NAT mapping for each of these users, but not sure what ports/protocols to open for them in order to allow the VPN to pass through our PIX properly.

Can anyone provide me with this info or point me to a config document?

Thanks!

nkhawaja · ‎11-09-2003

Hi,

UDP/500 and esp needs to be opened.

Please check your required document here

http://www.cisco.com/en/US/partner/tech/tk583/tk372/tech_configuration_examples_list.html

Thanks

Nadeem

bradd · ‎11-11-2003

Nadeem,

I can't access the link you've posted. I am logged in (else I couldn't post this), but when I click it I am taken to the "Authentication Required/Forgotten Password" page. From there the "Log In" link is disabled. I've tried various things all resulting in the same response. Is the link in a special protected area?

bd

nkhawaja · ‎11-11-2003

Hi,

This link has several technical tips documents, that why I asked you to go to it. You only should be needing CCO login to login to this site.

Thanks

Nadeem

kagodfrey · ‎11-12-2003

Try this link - there is a partial pix configuration which is sort of like what you are trying to achieve (and you won't need to log in)

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml

HTH

Kev