Re: File sharing problems across PIX 501 firewalls


JohnH wrote:

I want to be able to access fileshares and other services running on
the web server stack from my LAN, so I ALLOWed all incoming traffic on
PIX2 from address 67.153.65.90 for TCP and UDP on all ports.
....
Has anyone succesfully set up file sharing over the web where your
origin is a NATted LAN and your destination is another NATted LAN?

Yes, with an IPsec tunnel. SMB/CIFS file sharing through a firewall is
problematic at best even when using all of Microsoft's available docs and
kb articles. If you've never set up IPsec before, the PDM's VPN wizard is
quite helpful, even in the 6.X(X) releases.

See the 'Site to Site VPN with PIX' section of this page for some helpful
command line examples:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

-Gary
.

Relevant Pages

  • routing issue
    ... configured on the firewall. ... can I just setup another IPsec Tunnel on my firewall to ... address but different LAN networks? ... HO router to route the traffic for 192.168.2.0/24 through ...
    (comp.dcom.sys.cisco)
  • Re: Sonicwall hangs/freezes within minutes.
    ... >> After rebooting the Sonicwall, ... >> site to site VPN and access to Sonicwall by GlobalVPN. ... LAN activity light shows attempts to access ... > firmware are you running on it"? ...
    (comp.security.firewalls)
  • Re: Local network access from WAN IP
    ... You set up a site to site VPN. ... Cris Hanna [SBS-MVP] ... we're occupying and I would like to be able to access SBS through the ... How do I configure ISA to treat the third IP as part of the LAN? ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: Site to site VPN IPSec Tunnel
    ... I have similiar problem using IPsec site to site VPN. ... Sometimes the HQ LAN will not able to ping to Branch LAN ... HQ ISA to Branch LAN without any problem. ...
    (microsoft.public.isa.vpn)