Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: PIX 515 and Cisco VPN client from inside

From: "Robert L. Wanamaker" <rlw () avantsystems com>
Date: Fri, 29 Aug 2003 12:38:43 -0400
Version 6.3.x (I think) of the PixieOS:

fixup protocol esp-ike => note that if you use this, you cannot have
isakmp enabled.
isakmp nat-traversal 20

Regards,

Bob

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Marko
Kupiainen
Sent: Friday, August 29, 2003 6:35 AM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] PIX 515 and Cisco VPN client from inside


Hi everyone

Im new to the list and apologize if this question being asked before. I
read through 2003 archives and couldnt find anything similar.

Our company uses a PIX 515 with 3 legs, OUTSIDE, DMZ and INSIDE We have
users doing VPN tunnels from their homes with Cisco VPN client 4 and
terminating the tunnels at the PIX. This works great. But we cant create
tunnels from INSIDE and terminating at other customers endpoints. The
tunnels are easily created if we work outside our PIX. The PIX 515 do
PAT for all INSIDE connections using outside interface IP. Is there any
hooks when doing VPN over PAT with Cisco clients ?


regards
Marko Kupiainen
CIO Microcraft AB

_______________________________________________
firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: