Access to outside through VPN

[c182pilot]

I am using a Cisco Pix 515 and RSA ACE for VPN access, using Cisco's client from Win2k clients.

We need to provide access to the outside from within the inside network while connected through the VPN. The access has to be from our inside network, not from the client PC. What is required to do this? Is it an additional route or ACL?

Thanks

 

[ChicagoTechNet]

this may help. quoted from

http://www.chicagotech.net

Can't connect to a VPN server on the outside of the PIX

.Symptom: When attempting to connect to a VPN server on the outside of the PIX it returns error 721, the computer failed to respond.

Resolution: In order to PPTP through a PIX, you must have a one-to-one mapping from the external IP to an internal IP for type 47 GRE packets and port 1723. For example, for pptp add this: conduit permit gre host x.x.x.x any AND conduit permit tcp host x.x.x.x eq 1723. For l2tp over ipsec: conduit permit esp host x.x.x.x any, conduit permit udp host x.x.x.x eq 1701 any AND conduit permit udp host x.x.x.x eq 500 any.


Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at

http://www.ms-mvps.com

 

[lgarner]

You don't. You can implement split tunnelling, but that traffic will not touch the Pix. The Pix will not "relay" traffic back out.