Firewall Wizards mailing list archives
RE: Cisco Remote Access VPN Problem
From: "Firewall-Wizards" <Firewall-Wizards () govnet gov fj>
Date: Thu, 8 Sep 2005 16:59:40 +1200
Yep. Tried that before. No luck :-( -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Paul Melson Posted At: Thursday, September 08, 2005 6:22 AM Posted To: Firewall-Wizards Conversation: [fw-wiz] Cisco Remote Access VPN Problem Subject: RE: [fw-wiz] Cisco Remote Access VPN Problem Static arp entries using the arp command won't help. Enabling proxy-arp on FE0/1 might. PaulM -----Original Message----- Subject: [fw-wiz] Cisco Remote Access VPN Problem Hi Folks I can get the tunnel successfully established ,the client successfully authenticated with RADIUS, SA's formed and virtual ips (from the dmz) assigned to the remote vpn client. There's static routes present on the 2600 to route internal network traffic to the dmz gateway (ie. fw) which subsequently has rules to route these vpn traffic inside the internal network. .. As a workaround, i tried putting in some static arp entries on the fw , for these virtual ips to point to physical dmz interface of the vpn device The ensuring result was that return traffic made it way back to the vpn device, but then couldn't get to the actual vpn client :-( _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco Remote Access VPN Problem Firewall-Wizards (Sep 07)
- RE: Cisco Remote Access VPN Problem Paul Melson (Sep 07)
- <Possible follow-ups>
- RE: Cisco Remote Access VPN Problem Firewall-Wizards (Sep 08)