Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
0
Helpful
1
Replies

VPN Tunnel to DMZ

hborn
Level 1
Level 1

‎07-01-2002 05:27 AM - edited ‎02-21-2020 11:50 AM

hi there,

I work with a PIX 515. I habe vpn (L2TP/IPsec) configured to terminate on the outside interface and this just work perfectly fine. the user can establish a connection and access the necessary host on inside and dmz.

now I woul like to move the tunnel termination to an permiter interface, f.e. vpn.

I have changed the following entries, but it still doesn't work.

vpdn enable vpn

isakmp enable vpn

crypto map partner-map interface vpn

checking the log file of the syslog server shows that the udp inbound connection to the vpn interface ip could be established succesfully (on port 1701) but it seems like the firewall doesn't respond to this request.

any advice?

(by the way: substituting the perimeter vpn to outside in the entries above and vpn tunnel can be established successfully by the remote clients)

thanks

hans

Labels:
0 Helpful
1 Reply 1

edadios
Cisco Employee
Cisco Employee

‎07-01-2002 03:55 PM

I think you forgot NAT(interface name) 0 access-list # .

Regards,

0 Helpful
Customers Also Viewed These Support Documents