Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
My VPN connection to the PIX does work, but when i try to ping anything on the remote network i get the message: "Negotiating IP strategy" 4 times and then it fails. This is pretty weird because in my PIX configuration I use the same IPSEC policy for both the L2TP protocol and the...- adruet
- Post #13
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
yes, thank you, you were right about the spelling mistake lol :) no my win2k client will connect to the pix (the VPN connection succeeds), but i cannot ping any machine in the remote local network. I'll work on it today, and i'll let you know how it works out.- adruet
- Post #12
- Forum: Virtual Private Networks (VPN)
-
CISCO PIX PPTP VPN: how to filter remote IP?
Let's say that you outside interface's ip address is 100.0.0.1 and you dialin on this interface, you input an access-list like this one: access-list acl-out permit gre host 100.0.0.1 host 100.0.0.5 access-list acl-out permit tcp host 100.0.0.1 host 100.0.0.5 eq 1723 access-group acl-out in...- adruet
- Post #2
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
That's great you succeeded !!! I'm still having trouble with my configuration, it still doesn't work, and for some reason i cannot input this line in my PIX: vpdn group l2tpipsec client authentication local Maybe it's because my IOS version is 6.2 and yours is 6.3, i'll check this out. And...- adruet
- Post #9
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
If you want to disable NAT on a pool of address, you type in these lines: Here is the pool of address you do not want to NAT: access-list nonat permit ip 20.1.1.0 255.255.255.0 50.1.1.0 255.255.255.0 Now with the nat 0 command, you specify that you don't want to NAT this access list: nat...- adruet
- Post #7
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
I've tested this configuration, it works fine between the different PIX, but i cannot connect to it from my DSL line with a windows 2000 pro.- adruet
- Post #4
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
isakmp policy 22 authentication pre-share isakmp policy 22 encryption des isakmp policy 22 hash md5 isakmp policy 22 group 1 isakmp policy 22 lifetime 86400 these lines describe the IKE policy which will be used between the two hosts. So here we use DES encryption, and md5 hashing. Group 1 is...- adruet
- Post #3
- Forum: Virtual Private Networks (VPN)
-
VPN IPSec on PIX Cisco 515 (v6.2) with Win2k pro client
hello, i'm sorry if there is so much reading, but i think that many people may find some interesting thoughts in these lines :) we already have VPNs configured on our PIX, but we only use VPN between several remote sites linked through PIXes as well. What I would like to do is being able to...- adruet
- Thread
- Replies: 12
- Forum: Virtual Private Networks (VPN)
