Firewall Wizards mailing list archives

pix 515 vpn client using PAT


From: "Daniel Handley" <daniel () homepage net>
Date: Tue, 10 Jul 2001 15:35:40 +0100

I have upgraded my PIX 515 to version 6.01 in the hope of using VPN Client 3
from multiple platforms.
I have succeeded so far in that it works from an open connection but not
from behind a PAT router (W2K server running NAT from home with a cable
modem).
The current config for the VPN client is below.
I also have four other sites connected, some fully meshed, the others hub and
spoke. I use the access list for these in the config.
Is there something missing that will enable the use of PAT to the PIX? I
have enabled the client but it times out.
Dan

crypto ipsec transform-set hpvpn esp-des esp-md5-hmac
crypto dynamic-map dynvpn 50 set transform-set hpvpn

crypto map map2 50 ipsec-isakmp dynamic dynvpn

isakmp client configuration address-pool local ippool outside

isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 1000

vpngroup test address-pool ippool
vpngroup test dns-server 10.200.100.200
vpngroup test wins-server 10.200.100.200
vpngroup test split-tunnel 100
vpngroup test idle-time 1800
vpngroup test password ********


Daniel Handley
Infrastructure Manager, HomePage Ltd
Tel: 020 8880 4570 Fax: 020 8880 4328
mailto:daniel () homepage net http://www.homepage.net

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

