Re: [fw-wiz] Pass-through VPN

From: Josh Welch (
Date: 09/30/04

  • Next message: Jim Seymour: "Re: [fw-wiz] SMTP forwarding question"
    To: "Roberts, Shawn" <>
    Date: Thu, 30 Sep 2004 11:43:59 -0500

    Roberts, Shawn wrote:
    > Hi all,
    > I have a quick question about what I need to do on a PIX 515 to get VPN
    > traffic to pass through it. I have done the rest of the setup on this box
    > but I want to make sure that this part is running correctly when I install
    > it. Any help would be very much appreciated.
    > Thank you for your time
    > Shawn

    I think that you are referring to something like:

    sysopt connection permit-ipsec

    Which automatically allows all traffic through VPN tunnels. However, if
    I understand correctly this does then limit your ability to apply ACLs
    to VPN traffic.

    firewall-wizards mailing list

  • Next message: Jim Seymour: "Re: [fw-wiz] SMTP forwarding question"

    Relevant Pages

    • VPN
      ... is there any good articles about VPN on Internet and perferrably with ...
    • Re: PIX to PIX VPN problem
      ... I am trying to establish a VPN tunnel between 2 PIX 506E's. ... Crypto map tag: CRYPTO_MAP, local addr. ... fixup protocol dns maximum-length 700 ...
    • Re: VPN Assistance
      ... This will expose port 1723 on th Pix to only these ... Glad it's working - now try to convince the client that using the Cisco ... client is more secure than using PPTP. ... IPSec VPN ...
    • VPN - Cisco PIX to Checkpoing FW-1 troubleshooting
      ... I was trying to establish VPN between a pix and a checkpoint. ... isakmp policy 10 authentication pre-share ...
    • Re: Another RWW versus VPN question
      ... And after Blackhat I wouldn't be trusting of Cisco PIX either. ... One could argue that after the CISCO/Michael Lynn Blackhat/Vegas issue that Cisco isn't that secure. ... With VPN access, the data could be pulled over the wire to my home users, they "could" introduce more risk to my network if they are not patched, updates and protected. ... I have a client that recently had a programmer from a large security based company come by and demo the Access database he is working on for them. ...