Cisco VPN client not passing data through PIX 501

Discussion in 'Cisco' started by Fred, Aug 29, 2006.

  1. Fred

    Fred Guest

    I have a PC with the Cisco client installed that terminates on a PIX 501.
    When the local LAN has a PIX outgoing, the VPN comes up but no traffic will
    pass.
    When the local LAN has a Linksys or D-Link firewall/router, everything works
    fine.
    I tried changing the MTU, went to 576, no change. I added IPsec NAT transparency
    on the local (originating) side, no change. The outgoing PIX is wide open, no
    access lists etc.

    Any ideas?
     
    Fred, Aug 29, 2006
    #1

  2. Hi Fred,

    You may be experiencing a "10 concurrent user" issue with your PIX 501
    license.

    Cisco PIX Security Appliance Licensing

    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html

    Hope this helps.

    Brad Reese
     
    www.BradReese.Com, Aug 29, 2006
    #2

  3. Could you clarify whether one PIX is involved or two?

    And if the outgoing PIX has no access lists, then it will prohibit
    some kinds of return traffic, because some kinds of return traffic
    look like "new" traffic.
     
    Walter Roberson, Aug 29, 2006
    #3
  4. Fred

    Fred Guest

    The 10 license count doesn't come into play; there are only 2 other devices
    on it.

    I don't think it is an inbound problem on the PIX, as everything else works
    normally.


    Setup is as follows:


    client ====> pix a >=== internet =====>pix b (client establishes here)

    vpn establishes but no traffic passed


    client ====> netgear etc >=====internet ====== >pix b (client establishes
    here)

    vpn works normally
     
    Fred, Aug 29, 2006
    #4
  5. sojjan

    I've got the same problem. Please help, someone ;)
     
    sojjan, Sep 21, 2006
    #5
  6. swapnendu

    Turn on FIXUP (v6.XX) / INSPECTION (v7.XX) on "pix a". It could be fixup PPTP if you are using a PPTP-based tunnel, or do a fixup of L2TP traffic if L2TP is used. Also, even a static NAT on the PIX for the VPN client with a global public address will do the job for you. The issue is that return traffic is not able to get in due to dynamic NAT.

    Let me know if my solution solves your issue.
     
    swapnendu, Sep 23, 2006
    #6