VPN connectivity

vishal.divekar
Level 1

Hi,

We are using PIX 506 version 6.3 for our network. We have to do static NAT for the VPN connectivity with the client server. But when I try doing PAT, I am not able to connect to the remote server.

Can anyone help me out with why this is happening?

Is it that I can do only static NAT for VPN and can't go with PAT connectivity?

Thanks,

Vishal D.

1 Reply

Patrick Iseli
Level 7

This is normal for PAT, but you could use the fixup esp-ike, but you are limited to one tunnel.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a8.html#wp1067379

fixup protocol esp-ike

The fixup protocol esp-ike command enables PAT for Encapsulating Security Payload (ESP), single tunnel.

The fixup protocol esp-ike command is disabled by default. If a fixup protocol esp-ike command is issued, the fixup is turned on, and the firewall preserves the source port of the Internet Key Exchange (IKE) and creates a PAT translation for ESP traffic. Additionally, if the esp-ike fixup is on, ISAKMP cannot be turned on any interface.

Sincerely,

Patrick
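
The behaviour described in the reply above, as an added example that is not part of the original thread and is not Cisco's code: a simplified Python model of a PAT device showing why ESP (IP protocol 50, no port field) fails through plain PAT, and why preserving the IKE source port with an ESP translation allows only a single tunnel. The `PatDevice` class, its methods and all addresses are hypothetical and constructed for illustration.

```python
# Simplified model, constructed for illustration; not PIX source code.
ESP, UDP = 50, 17        # IP protocol numbers
IKE_PORT = 500           # IKE runs over UDP/500


class PatDevice:
    """One public address shared by many inside hosts (PAT)."""

    def __init__(self, public_ip, esp_ike_fixup=False):
        self.public_ip = public_ip
        self.esp_ike_fixup = esp_ike_fixup
        self.next_port = 1024
        self.udp_xlate = {}     # public port -> (inside ip, inside port)
        self.esp_owner = None   # the one inside host whose tunnel is tracked

    def outbound(self, src_ip, proto, sport=None):
        """Return (public_ip, public_port) for an inside packet, or None if dropped."""
        if proto == UDP and self.esp_ike_fixup and sport == IKE_PORT:
            if self.esp_owner not in (None, src_ip):
                return None                      # a tunnel already exists
            self.esp_owner = src_ip
            self.udp_xlate[IKE_PORT] = (src_ip, IKE_PORT)
            return (self.public_ip, IKE_PORT)    # IKE source port preserved
        if proto == UDP:
            port, self.next_port = self.next_port, self.next_port + 1
            self.udp_xlate[port] = (src_ip, sport)
            return (self.public_ip, port)        # ordinary PAT rewrites the port
        if proto == ESP and self.esp_ike_fixup and self.esp_owner == src_ip:
            return (self.public_ip, None)        # ESP translation tied to the IKE peer
        return None                              # ESP has no port for PAT to key on

    def inbound(self, proto, dport=None):
        """Map a packet arriving at the public address to an inside host, or None."""
        if proto == UDP:
            return self.udp_xlate.get(dport)
        if proto == ESP and self.esp_ike_fixup and self.esp_owner:
            return (self.esp_owner, None)
        return None


def demo():
    """Run the same two inside hosts through PAT without and with the fixup."""
    results = {}
    for fixup in (False, True):
        pat = PatDevice("203.0.113.1", fixup)
        results[fixup] = [pat.outbound("10.0.0.5", UDP, IKE_PORT), pat.outbound("10.0.0.5", ESP),
                          pat.outbound("10.0.0.6", UDP, IKE_PORT), pat.inbound(ESP)]
    return results
```
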