How do I configure VPN passthrough with a PIX 501 - Firewalls

This is a discussion on How do I configure VPN passthrough with a PIX 501 - Firewalls ; Hi, Sorry, newbie question... I just recently installed a PIX 501 (version 6.3(1)) in my home network. Previously I was using a cheap airlink router that provided VPN passthrough. I'm using Nortel Contivity VPN client on 1 computer, and Cisco ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: How do I configure VPN passthrough with a PIX 501

  1. How do I configure VPN passthrough with a PIX 501

    Hi,

    Sorry, newbie question...

    I just recently installed a PIX 501 (version 6.3(1)) in my home
    network.
    Previously I was using a cheap airlink router that provided VPN
    passthrough.
    I'm using Nortel Contivity VPN client on 1 computer, and Cisco VPN
    client on another client.

    On my cheap Airlink router, I could easily use my Nortel or Cisco VPN
    client to connect to my company with no configuration. These cheap
    routers always advertise the ability to do VPN Passthrough.

    I can't get the same thing to work on PIX 501.
    I've read in other newgroups about NAT transversal, enabling isakmp,
    etc, but nothing seems to work.

    Do I have to actually configure any VPN settings on the PIX? I should
    be able to simply configure an access-list. Do I need to configure
    any transform-sets or crypto map, isakmp in order to make this to
    work?

    Thanks in advance,

    Wallace


  2. Re: How do I configure VPN passthrough with a PIX 501

    In article <1178169128.471846.255530@p77g2000hsh.googlegroups. com>,
    wrote:

    >I just recently installed a PIX 501 (version 6.3(1)) in my home
    >network.


    6.3(1) has several known security problems. There are operational
    problems with 6.3(2), and security problems in 6.3(3), 6.3(4),
    6.3(5), and 6.3(5)112 . It would be best if you could upgrade
    your PIX 501 as far as possible. If you are the registered owner
    of the device, the upgrade is free.


    >I'm using Nortel Contivity VPN client on 1 computer, and Cisco VPN
    >client on another client.


    >On my cheap Airlink router, I could easily use my Nortel or Cisco VPN
    >client to connect to my company with no configuration. These cheap
    >routers always advertise the ability to do VPN Passthrough.


    >I can't get the same thing to work on PIX 501.
    >I've read in other newgroups about NAT transversal, enabling isakmp,
    >etc, but nothing seems to work.


    >Do I have to actually configure any VPN settings on the PIX? I should
    >be able to simply configure an access-list. Do I need to configure
    >any transform-sets or crypto map, isakmp in order to make this to
    >work?


    You only need to configure transform sets and crypto maps and
    isakmp nat-traversal if you are terminating the VPN at the PIX.

    Try

    fixup protocol esp-ike

+ Reply to Thread