Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Allow IPSec through PIX 506E

Allow IPSec through PIX 506E 9 years 6 months ago #20167

Hello all!

I`m having a huge problem with remote VPN connection to the WatchGuard VPN server using WatchGuard VPN software through my PIX 506E firewall. I`m not good with FireWalls and I`ll might have some mistakes in my question and I`m sorry for that.
Ok Here is the situation.The Watchguard VPN server on remote site uses IPSec to accept remote connections,I want to use the same WatchGuard VPN software to connect to the server,but it fails.as I mentioned I have a PIX506E in my office.My question is, do i have to do some config in my PIX to allow connection to the VPN server.
I hope I described my problem clearly,if not forgive me please
The administrator has disabled public write access.

Re: Allow IPSec through PIX 506E 9 years 6 months ago #20230

I don`t believe!Nobody has the answer?
The administrator has disabled public write access.

Re: Allow IPSec through PIX 506E 9 years 6 months ago #20240

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Have you allowed the IPSec Ports/Protocols through and also the necessary Static command to map to the VPN Server on the inside ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: Allow IPSec through PIX 506E 9 years 5 months ago #20725

  • ZiPPy
  • ZiPPy's Avatar
  • Offline
  • Expert Member
  • Posts: 500
  • Karma: 0
wow, to bad this post kind of died, was curious about the answer and final result. Why mix the two, WatchGuard and a PIX? Just curious in the topology and setup of that network.


ZiPPy
ZiPPy
The administrator has disabled public write access.

Re: Allow IPSec through PIX 506E 9 years 4 months ago #21604

  • semper
  • semper's Avatar
  • Offline
  • Frequent Member
  • Posts: 39
  • Karma: 0
Are you wanting something like this:

vpn client / internal network -- pix firewall -- internet -- vpn server (??)

If that's the case you will need to add "sysopt connection permit-ipsec" in your pix firewall and that will allow IPSec tunnels originationg from the internal network through the PIX to a remote VPN server.
The administrator has disabled public write access.

Re: Allow IPSec through PIX 506E 9 years 4 months ago #21619

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
didn't know that, will that command mean that you don't need to add the necessary ports on an outgoing ACL ? thanks for the post
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.082 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup