
VPN IPSec Client through PIX 501 to Concentrator 3000

j.t.faust
Level 1

I have recently installed a PIX 501 (latest version 6.3(4)) on my home office network.

Most everything works, except I have an issue where a Cisco VPN client 4.0.2(D) can't connect outside to a VPN concentrator. The initial IPSec tunnel is established, but we can't get past that to the other internal network.

It worked previously with a Linksys router in place. Also, another Cisco VPN client (v3.6.3) can connect to a different concentrator with no issues.

Both clients are set for IPSec over UDP (Nat/Pat). One uses DES the other 3DES (not working).

The logs show a Denied protocol 50 ....

Any suggestions as to how to correct?

Thanks

Ted

1 Reply

bogdahnt
Level 1

Hi Ted,

Which device is showing this log message?

For IPSec you need to allow protocol 50 (ESP). If you are using IPSec, ensure that any perimeter routers or firewalls pass IP protocol 50 as well as ISAKMP — that is, UDP port 500.

If the PIX is blocking this traffic, you need to open these ports on the inside and outside interfaces to let this traffic pass through between your client and the concentrator.

Brgds

Thomas.
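
Added example, not part of the thread: a small log triage script that pulls out denies for the two traffic types named in the reply (IP protocol 50/ESP and UDP 500/ISAKMP) and groups them by peer, to help answer which device and which flow is being dropped. The sample lines are constructed, and their layout is an assumption modelled on PIX deny messages; adjust the patterns to the actual log output.

```python
import re
from collections import Counter

# Constructed sample lines (documentation addresses). The message layout is an
# assumption modelled on PIX syslog deny messages, not output from the thread.
SAMPLE_LOG = """\
%PIX-3-106010: Deny inbound protocol 50 src outside:203.0.113.10 dst inside:192.0.2.5
%PIX-2-106006: Deny inbound UDP from 203.0.113.10/500 to 192.0.2.5/500 on interface outside
%PIX-2-106006: Deny inbound UDP from 198.51.100.7/53 to 192.0.2.5/1044 on interface outside
%PIX-3-106010: Deny inbound protocol 47 src outside:198.51.100.9 dst inside:192.0.2.5
"""

# Deny of a raw IP protocol (no ports), e.g. ESP = IP protocol 50.
PROTO_RE = re.compile(
    r"Deny \w+ protocol (?P<proto>\d+) src \w+:(?P<src>[\d.]+) dst \w+:(?P<dst>[\d.]+)")
# Deny of a UDP datagram with source and destination ports.
UDP_RE = re.compile(
    r"Deny \w+ UDP from (?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+)")


def classify(line):
    """Return (kind, src, dst) for an IPSec-related deny, or None otherwise."""
    m = PROTO_RE.search(line)
    if m:
        # Only IP protocol 50 (ESP) is of interest; other protocols are ignored.
        return ("ESP", m["src"], m["dst"]) if m["proto"] == "50" else None
    m = UDP_RE.search(line)
    if m and "500" in (m["sport"], m["dport"]):
        return ("ISAKMP", m["src"], m["dst"])
    return None


def summarize(log_text):
    """Count IPSec-related denies per (kind, src, dst) tuple."""
    hits = Counter()
    for line in log_text.splitlines():
        result = classify(line)
        if result:
            hits[result] += 1
    return hits


if __name__ == "__main__":
    for (kind, src, dst), count in summarize(SAMPLE_LOG).items():
        print(f"{kind:7s} {src} -> {dst}  denied {count}x")
```
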