Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco PIX VPN Clients no Traffic

Reply
Thread Tools

Cisco PIX VPN Clients no Traffic

 
 
M3ph
Guest
Posts: n/a
 
      06-14-2006
I have a problem with getting this pix to work good. I always been
configuring pix with vpn client setup but this time i just cant resolve
the issue.

When setup the vpn connection, all goes well. Allthough traffic is not
passing to the lan...

below the output of the vpn clients

sh cry ipsec sa
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
#pkts decaps: 3, #pkts decrypt: 3, #pkts verify 3

sh cry isa sa
Total : 1
Embryonic : 0
dst src state pending created
195.x.x.1 83.x.x.10 QM_IDLE 0 1

When i remove the isakmp nat-traversal 20 statement, i get:
sh cry ipsec sa
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
#pkts decaps: 0, #pkts decrypt: 0 #pkts verify 0

no traffic at all...

here's a copy of my vpn config:

access-list split permit ip 192.168.6.0 255.255.255.0 192.168.123.0
255.255.255.0
access-list nonat permit ip 192.168.6.0 255.255.255.0 192.168.123.0
255.255.255.0

ip address outside dhcp setroute retry 4

global (outside) 1 interface
global (inside) 1 interface
global (intf2) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
nat (intf2) 1 0.0.0.0 0.0.0.0 0 0

sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 90 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 10
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup digicore address-pool ippool
vpngroup xxsx plit-tunnel split
vpngroup xxx idle-time 1800
vpngroup xxx password ********

I also tried installing a updated version of the cisco client, but this
didnt help much. I can connect to other sites without a problem with
the same client.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cisco VPN clients not passing traffic after new PTP IPSec tunnel is up GuenTech Cisco 5 11-19-2010 03:21 PM
Cisco IOS - Traffic from VPN Clients to a nat interface teodor Cisco 0 08-20-2009 10:04 AM
Routing Question - How to send default internet traffic to PIX and VPN traffic from router out internet Evolution Cisco 1 02-27-2007 10:00 PM
VPN PIX-_static PIX ; PIX-dynamic_PIX ; VPN Client Svenn Cisco 3 03-13-2006 09:25 AM
PIX to PIX VPN and VPN Client to PIX Config Example? GVB Cisco 1 02-06-2004 07:44 PM



Advertisments