Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Allow IPSec through PIX 506E

Allow IPSec through PIX 506E 11 years 4 months ago #20167

Hello all!

I`m having a huge problem with remote VPN connection to the WatchGuard VPN server using WatchGuard VPN software through my PIX 506E firewall. I`m not good with FireWalls and I`ll might have some mistakes in my question and I`m sorry for that.
Ok Here is the situation.The Watchguard VPN server on remote site uses IPSec to accept remote connections,I want to use the same WatchGuard VPN software to connect to the server,but it fails.as I mentioned I have a PIX506E in my office.My question is, do i have to do some config in my PIX to allow connection to the VPN server.
I hope I described my problem clearly,if not forgive me please

Re: Allow IPSec through PIX 506E 11 years 4 months ago #20230

I don`t believe!Nobody has the answer?

Re: Allow IPSec through PIX 506E 11 years 4 months ago #20240

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
Have you allowed the IPSec Ports/Protocols through and also the necessary Static command to map to the VPN Server on the inside ?

Re: Allow IPSec through PIX 506E 11 years 3 months ago #20725

wow, to bad this post kind of died, was curious about the answer and final result. Why mix the two, WatchGuard and a PIX? Just curious in the topology and setup of that network.


ZiPPy

Re: Allow IPSec through PIX 506E 11 years 2 months ago #21604

Are you wanting something like this:

vpn client / internal network -- pix firewall -- internet -- vpn server (??)

If that's the case you will need to add "sysopt connection permit-ipsec" in your pix firewall and that will allow IPSec tunnels originationg from the internal network through the PIX to a remote VPN server.

Re: Allow IPSec through PIX 506E 11 years 2 months ago #21619

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
didn't know that, will that command mean that you don't need to add the necessary ports on an outgoing ACL ? thanks for the post
  • Page:
  • 1
  • 2
Time to create page: 0.141 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup