PIX to PIX VPN

[hoinvip]

Thanks in advance for any help on this one...

We have a PIX515E in the central office, with 3 remote sites connecting via DSL. The remote offices all have PIX501's as their end-point to our VPN.

PIX515E LAN is 192.168.1.0
PIX501's are 192.168.10.0, 192.168.12.0 and 192.168.14.0 respectively.

Now, we seem to get variable responses from the remote offices - some users in one office can PING servers on our main HQ LAN, others cannot. However, all can use the internal CITRIX server on our central network regardless.

The other day, the boss asked for a PIX and workstation to be installed in his office at home, having entered the various settings and connected the VPN, I get a VPN Tunnel light on the front of the 501 but cannot connect to anything at HQ....

Given that I basically copied a working PIX config from an existing 501, I'm at a loss as to why this is the case. I also suspect that we may have version incompatibilities as some PIX'es are much older than others....

Does anyone have any nuggets of wisdom to offer on this please?

Thanks in advance,

HoinviP

 

[308win]

Posting your sanitized configs would help.

Making a guess, the some servers but not other problem is caused by access lists restricting traffic, the citrix server was always permited, other traffic was sometimes blocked.

The Bosses problem might have something to do with VPN NAT Transparency. Does the new PIX have a public IP address?