ESP problem with MS RRAS to Cisco 3000 VPN passing through PIX 515E Firewall.

Discussion in 'Cisco' started by Sean McGrath, Dec 29, 2003.

  1. Sean McGrath

    Sean McGrath Guest

    Hello,

    I'm having a problem creating a MS RRAS server to a Cisco 3000 VPN
    concentrator passing through a PIX 515E Firewall (6.1). The
    configuration is as follows. The MS RRAS server has a configure IPSEC
    policy creating a tunnel withe the external interface of the PIX
    firewall. The PIX firewall passes that traffic to one of its internal
    interface connected to the VPN concentrator. There is a sepearate
    internal interface connecting to the internal LAN for internet
    connectivity. UDP 500 is static translated to the VPN concentrator.
    UDP 10000 is also static translated to the VPN concentrator. I am able
    to estrablish the tunnel but if I try to pass traffic through it I get
    "Regular Translation Creation failed for IP protocol 50" on the PIX.
    Obviously this results from the fact that I can't static IP protocol
    50. If I try to connect with the Cisco client from the outside it
    works because it is encapsulating ESP in UDP 10000. Is there a way to
    make the RRAS server do this? If I can't get RRAS to work this way
    it's not a big deal because I can use L2TP but I will have other VPN
    concentrators connecting through the PIX from the outside. Will they
    have the same problem or will they encapsulate ESP in UDP 10000?
    Any suggestions or thoughts would be greatly appreciated.

    Thanks,
    Sean
     
    Sean McGrath, Dec 29, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. BenLMiron
    Replies:
    1
    Views:
    3,566
  2. Anand Mohabir
    Replies:
    1
    Views:
    1,214
    Johnny Routin
    Oct 22, 2004
  3. Scott Townsend

    PIX 515 to PIX 515e not passing traffic

    Scott Townsend, May 10, 2006, in forum: Cisco
    Replies:
    6
    Views:
    3,751
    Vikas
    May 25, 2006
  4. Replies:
    1
    Views:
    898
    James
    Aug 22, 2006
  5. Replies:
    5
    Views:
    1,130
    swapnendu
    Sep 23, 2006
Loading...

Share This Page