Re: [fw-wiz] Cisco VPN client behind a Netscreen
From: Luigi Mori (lm_at_symbolic.it)
Date: 11/06/03
- Previous message: Ravi Kumar: "Re: [fw-wiz] Cisco VPN client behind a Netscreen"
- In reply to: Aram Smith: "[fw-wiz] Cisco VPN client behind a Netscreen"
- Next in thread: List Account: "RE: [fw-wiz] Cisco VPN client behind a Netscreen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <firewall-wizards@honor.icsalabs.com> Date: Thu, 6 Nov 2003 10:10:46 +0100
>I have recently implemented a Netscreen 50 and I have users behind
>it that use a Cisco VPN client to connect to a Cisco Pix which I
>have no control over. Their VPN client is not functioning properly.
>Currently I have a policy allowing outbound traffic any from all
>inside. Does anyone know if I also need to create an IPSEC policy
>for inbound traffic? Thanks, Aram Smith
Is the NetScreen doing some network address translation on your traffic ?
You need a NAT-T enabled IPSec to establish a tunnel trough a NAT device.
-- Luigi Mori Network Security Manager SYMBOLIC S.p.A. W: http://www.symbolic.it T: +39 0521 776180 F: +39 0521 776190 _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Ravi Kumar: "Re: [fw-wiz] Cisco VPN client behind a Netscreen"
- In reply to: Aram Smith: "[fw-wiz] Cisco VPN client behind a Netscreen"
- Next in thread: List Account: "RE: [fw-wiz] Cisco VPN client behind a Netscreen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
