11-02-2006 02:45 PM - edited 02-21-2020 02:42 PM
Hi;
I need to let one of my internal clients establish a VPN tunnel to the outside using the Cisco VPN client.
My clients reside behind a PIX firewall.
What should I do?
What ports and access list need to be configured?
Thanks
11-02-2006 05:02 PM
Hi,
The 7.21 image has an inspect for IPSEC pass-through, so an upgrade may handle it. Understand that some firewalls close down UDP port 500, which is where IKE negotiates.
HTH
Bill
11-03-2006 01:37 AM
Hi;
Thanks
My PIX IOS version is 6.3.
Should my access list just open port 500 for IKE?
Thanks
11-07-2006 02:35 PM
You will need the following:
access-list inside permit esp
access-list inside permit udp
Otherwise you will only get half the problems solved.
Watch out for your NAT'ing here too.