Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN Client (Not Working after Replaced Router)

Status
Not open for further replies.
userice

userice

Technical User
Oct 24, 2002
78
US
We just replaced our company router to PIX 501. Before I replaced our router, I was able to connect to sereral PIXes through VPN. Now, I can not connect anymore. Is there any port I need to open on the PIX? I understand I can also do site to site VPN, but I would like to use VPN Client. Can anyone give me a hint?

Also, we only have one ip, is there anyway I can map ports to certain PC with PIX 501. I know I can do that with D-Link or Linksys Router.
 
Sort by date Sort by votes
The static command will allow you to forward different ports to different hosts.

The VPN problem is probably because you have some ports blocked. Need more info on what your trying to do before suggesting a fix.
 
Upvote 0 Downvote
Do you mean static command like this??
Outside IP: a.b.c.d
Inside IP: w.x.y.z
static (inside,outside) tcp a.b.c.d 5631 w.x.y.z 5631 netmask 255.255.255.255 0 0
static (inside,outside) udp a.b.c.d 5632 w.x.y.z 5632 netmask 255.255.255.255 0 0

Do I need any "access-list Command"?

My VPN Problem is: ¢×have 3 PIX Firewalls in 3 Different Locations. Two of them were setup as Site to Site VPN. One is in my Boss' House. I just Replaced My Boss' D-Link Router to PIX. Before I did that, He was able to Connect to two other PIXes with VPN Client. Now, He can not. He doesn't want me to set up site to site VPN on his Router. So, What ports should I open in order to get VPN Client to
work. If you can include the command line, that will be great.. Thank you
 
Upvote 0 Downvote
You'll need an access-list in addition to the static to actually open the ports. The static just tells the pix where to forward it.

Your Boss's PIX by default should allow him to do anything he wants outbound (including the Cisco VPN Software). You can try having him setup the VPN software for the firewalling option, but I don't think it's necessary.
 
Upvote 0 Downvote
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
640
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
229
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
785
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
175
WhosYourDiffie
WhosYourDiffie
disturbedone
  • Locked
  • Question
proxy.pac not working correctly in IE11
Replies
0
Views
165
disturbedone
disturbedone

Part and Inventory Search

Sponsor

Back
Top