RE: [fw-wiz] Clients cant access pix w/ vpn from behind nat devices using the newest cisco client.
From: Wes Noonan (mailinglists_at_wjnconsulting.com)
Date: 10/22/03
- Previous message: Marcus J. Ranum: "Re: [fw-wiz] Multicast Firewall"
- In reply to: Vincent Martin: "[fw-wiz] Clients cant access pix w/ vpn from behind nat devices using the newest cisco client."
- Next in thread: Melson, Paul: "RE: [fw-wiz] Clients cant access pix w/ vpn from behind nat devices using the newest cisco client."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Vincent Martin'" <VMartin@4service.net>, <firewall-wizards@honor.icsalabs.com> Date: Wed, 22 Oct 2003 11:05:33 -0500
NAT Traversal is pretty much required. In addition, the NAT device needs to
support NAT traversal. Had an issue yesterday with someone using a Sonicwall
firewall and they couldn't get the Cisco VPN to work through it because the
Sonicwall was killing the traffic (never saw it hitting the PIX). Never
found a resolution as we went with a different solution to address the
connectivity needs.
HTH
Wes
> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com [mailto:firewall-wizards-
> admin@honor.icsalabs.com] On Behalf Of Vincent Martin
> Sent: Wednesday, October 22, 2003 08:01
> To: 'firewall-wizards@honor.icsalabs.com'
> Subject: [fw-wiz] Clients cant access pix w/ vpn from behind nat devices
> using the newest cisco client.
>
> I am having some problems connecting to a pix firewall vpn connection
> using
> the cisco client when the clients are behind a nat device to the internet.
> Is there a way to let them connect without giving them a routable ip
> address
> or modifying there routers at all? Have any of you ever had to get past
> this problem? Is it possible to get past this problem? I am new to pix
> but
> I have done some research. It seems that we need version 6.3 of the OS
> and
> that possibly doing nat traversal would help. All this is configured
> though. Any help would be great. Thanks a lot.
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Marcus J. Ranum: "Re: [fw-wiz] Multicast Firewall"
- In reply to: Vincent Martin: "[fw-wiz] Clients cant access pix w/ vpn from behind nat devices using the newest cisco client."
- Next in thread: Melson, Paul: "RE: [fw-wiz] Clients cant access pix w/ vpn from behind nat devices using the newest cisco client."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
