Firewall Wizards mailing list archives
Re: Cisco VPN client behind a Netscreen
From: Luigi Mori <lm () symbolic it>
Date: Thu, 6 Nov 2003 10:10:46 +0100
I have recently implemented a Netscreen 50 and I have users behind it that use a Cisco VPN client to connect to a Cisco Pix which I have no control over. Their VPN client is not functioning properly. Currently I have a policy allowing outbound traffic any from all inside. Does anyone know if I also need to create an IPSEC policy for inbound traffic? Thanks, Aram Smith
Is the NetScreen doing some network address translation on your traffic ? You need a NAT-T enabled IPSec to establish a tunnel trough a NAT device. -- Luigi Mori Network Security Manager SYMBOLIC S.p.A. W: http://www.symbolic.it T: +39 0521 776180 F: +39 0521 776190 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco VPN client behind a Netscreen Aram Smith (Nov 05)
- Re: Cisco VPN client behind a Netscreen Ravi Kumar (Nov 06)
- Re: Cisco VPN client behind a Netscreen Luigi Mori (Nov 06)
- RE: Cisco VPN client behind a Netscreen List Account (Nov 06)
- <Possible follow-ups>
- RE: Cisco VPN client behind a Netscreen Melson, Paul (Nov 06)
- RE: Cisco VPN client behind a Netscreen Andy Lyakhovetskiy (Nov 11)