VPN Tunnel to DMZ

hborn · ‎07-01-2002

hi there,

I work with a PIX 515. I habe vpn (L2TP/IPsec) configured to terminate on the outside interface and this just work perfectly fine. the user can establish a connection and access the necessary host on inside and dmz.

now I woul like to move the tunnel termination to an permiter interface, f.e. vpn.

I have changed the following entries, but it still doesn't work.

vpdn enable vpn

isakmp enable vpn

crypto map partner-map interface vpn

checking the log file of the syslog server shows that the udp inbound connection to the vpn interface ip could be established succesfully (on port 1701) but it seems like the firewall doesn't respond to this request.

any advice?

(by the way: substituting the perimeter vpn to outside in the entries above and vpn tunnel can be established successfully by the remote clients)

thanks

hans

edadios · ‎07-01-2002

I think you forgot NAT(interface name) 0 access-list # .

Regards,

VPN Tunnel to DMZ

Cisco SD-WANルータとIOS-XE ルータ間での拠点間 IPsec VPN Tunnel 設定

VPN Tunnel missing child_SAs

Remote VPN tunnel

[原创]6to4 tunnel

Dynamic Split Tunneling in AnyConnect VPN