Outbound VPN through a Pix 501

Discussion in 'Cisco' started by gencode, May 2, 2005.

  1. gencode

    gencode Guest

    I am trying to go "outbound" through a Cisco PIX 501.

    I can not get it to work, although I swapped it out with a cheap SOHO
    Netgear firewall and there were no more issues.

    All outbound traffic is open.

    Ed,
     
    gencode, May 2, 2005
    #1
    1. Advertisements

  2. :I am trying to go "outbound" through a Cisco PIX 501.

    :I can not get it to work, although I swapped it out with a cheap SOHO
    :Netgear firewall and there were no more issues.

    :All outbound traffic is open.

    Is the PIX the VPN endpoint, or is a host the VPN endpoint with
    the traffic traveling through the PIX?

    What VPN technology is it? PPTP? IPSec?

    If it is a host with the Cisco VPN Client connecting to a remote
    Cisco VPN device (IOS Router, VPN Concentrator, PIX) then have the
    remote end turn on "nat traversal".

    If it is a host with a different IPSec client and the remote end
    does not support nat traversal, then provided the PIX 501 is not -also-
    a VPN endpoint, turn on the isakmp esp-like fixup. This will only
    allow one inside host to connect outwards at a time.

    If it is a different non-IPSec VPN client, such as one that requires
    GRE or other IP -protocols- (as opposed to TCP/UDP -ports-) then
    it is incompatible with Port Address Translation, and requires
    additional routable IP addresses to make it work.
     
    Walter Roberson, May 2, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.