
VPN session PIX to PIX via Cisco VPN Client V4.7

lusej0922
Level 1

I need to know how to enable on a PIX 501, a source initiated VPN session via Cisco VPN client within the inside network through a PIX 501 to the internet and into another PIX 501 on the remote end to the remote internal network. I can establish a VPN session to either PIX 501 site from the public side of the internet but not from a private-internet-private connection.

Thanks,

Joe

2 Replies

nefkensp
Level 5

If you want to establish an IPsec tunnel through a PIX firewall, you should do three things:

1) on the local firewall:

if you use an access-list on the inside interface, enable isakmp traffic and protocol ESP:

access-list acl_inside permit udp any any eq isakmp

access-list acl_inside permit esp any any

2) on the remote firewall (to which you connect), you should enable nat-traversal

isakmp nat-traversal

is a value for the keepalive packets (in seconds)

3) on the VPN client software, make sure that you enable UDP transport (with NAT enabled) in the connection profile

Let me know if these hints have helped you
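A way to check both firewall configurations against the steps in the reply above. This is an added example, not code from the thread: the sample configs are constructed, the function names are hypothetical, and treating UDP 4500 (the NAT-T port) as required on the inside ACL is this example's assumption, not something the reply states.

```python
import re

# Constructed PIX 6.x style configs for illustration, not the poster's.
LOCAL_PIX = """\
access-list acl_inside permit tcp any any eq www
access-list acl_inside permit udp any any eq isakmp
access-list acl_inside permit esp any any
access-group acl_inside in interface inside
"""
REMOTE_PIX = "isakmp enable outside\nisakmp nat-traversal 20\n"

# What a VPN client behind the local PIX needs outbound. UDP 4500 is the
# NAT-T port (RFC 3947); requiring it here is this example's assumption.
REQUIRED = {
    "udp/500 (isakmp)": ("udp", {"isakmp", "500"}),
    "udp/4500 (nat-t)": ("udp", {"4500"}),
    "esp": ("esp", None),
}

def inside_acl(config):
    """Name of the ACL applied inbound on the inside interface, or None."""
    m = re.search(r"^access-group (\S+) in interface inside\s*$", config, re.M)
    return m.group(1) if m else None

def permits(config, acl, proto, ports):
    """True if the ACL has 'permit <proto> any any [eq <port>]' (any/any only)."""
    for line in config.splitlines():
        tok = line.split()
        if tok[:6] != ["access-list", acl, "permit", proto, "any", "any"]:
            continue
        rest = tok[6:]
        if not rest:                      # no port qualifier: all ports
            return True
        if ports and len(rest) == 2 and rest[0] == "eq" and rest[1] in ports:
            return True
    return False

def missing_on_local(config):
    """Required permits absent from the inside ACL (empty if no ACL bound)."""
    acl = inside_acl(config)
    if acl is None:                       # no inside ACL: outbound is allowed
        return []
    return [name for name, (proto, ports) in REQUIRED.items()
            if not permits(config, acl, proto, ports)]

def nat_traversal_enabled(config):
    """True if the remote PIX config carries 'isakmp nat-traversal'."""
    return re.search(r"^isakmp nat-traversal\b", config, re.M) is not None
```

Run against the constructed local config, missing_on_local reports only the UDP 4500 entry, since the two access-list lines from the reply cover ISAKMP and ESP but not NAT-T encapsulated traffic.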

I added the access-list as suggested above. No luck. The remote PIX 501 that I am accessing via the CISCO VPN client works when I am not behind a PIX 501. I am including the configuration from the source site and the log session results.

Any help is greatly appreciated... :)

Joe