VPN Client Connects to PIX FW but cannot browse internal network
- From: toureg69@xxxxxxxxx
- Date: 16 Dec 2006 10:09:36 -0800
Having a problem connecting to any internal servers once I establish a
VPN connection through the PIX 506e firewall. I was trying to use an IAS
server instead of creating a bunch of vpngroups.
Diagram:
Internet
|
|
Router
|
|
Firewall
|
|
Internal Network
(IAS is on the internal network)
Please see the config below. I know it's a routing issue but cannot
figure it out. Any information is appreciated. Thanks!
PIX# sho run
access-list 103 permit ip 192.168.16.0 255.255.255.0 10.1.2.0 255.255.255.0
ip local pool ippool 10.XX.XX.XXX-10.XX.XX.XXX
global (outside) 1 interface
nat (inside) 0 access-list 103
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 101 in interface outside
route outside 0.0.0.0 0.0.0.0 66.251.40.201 1
aaa-server radius-server protocol radius
aaa-server radius-server (inside) host 172.26.1.8 cisco123 timeout 10
sysopt connection permit-ipsec
crypto ipsec transform-set testset esp-3des esp-md5-hmac
crypto dynamic-map testmap 10 set transform-set testset
crypto map testconn 10 ipsec-isakmp dynamic testmap
crypto map testconn client authentication radius-server
crypto map testconn interface outside
isakmp enable outside
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup testias address-pool ippool
vpngroup testias dns-server DNS1 DNS2
vpngroup testias wins-server WINS1
vpngroup testias default-domain DOMAIN1
vpngroup testias idle-time 1800
vpngroup testias password