Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: PIX VPN client question

PIX VPN client question 2 years 6 months ago #38540

  • necro
  • necro's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Hi,

I have a PIX 515e confirgure with VPN remote access.
VPN client successfully connected from outside.

The VPN ip pool is 172.19.100.101~

How can the VPN client access a Internal server with ip 172.59.1.10?

below is the simplified version of config:
=~=~=~=~=~=~=~=~=~=~=~=
sh run
: Saved
:
PIX Version 6.3(1)


access-list outside_access_in permit ip 172.19.100.96 255.255.255.240 interface inside
access-list inside_outbound_nat0_acl permit ip any 172.19.100.96 255.255.255.240
access-list inside_outbound_nat0_acl permit ip any host 172.59.1.1
access-list inside_outbound_nat0_acl permit ip host 172.19.100.64 host knizam
access-list outside_cryptomap_dyn_20 permit ip any 172.19.100.96 255.255.255.240
access-list outside_cryptomap_20 permit ip host 172.19.100.64 host knizam
no pager
logging on
logging timestamp
logging trap warnings
logging facility 22
logging device-id string pixfirewall
logging host inside Linux_File_Srv
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 203.x.x.27 255.255.255.248
ip address inside 172.19.100.20 255.0.0.0
no ip address intf2
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action alarm
ip audit attack action alarm
ip local pool klccippool 172.19.100.101-172.19.100.105

arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 10 0.0.0.0 0.0.0.0 0 0

static (inside,outside) 203.x.x.26 172.19.100.64 netmask 255.255.255.255 0 0
static (inside,outside) 172.19.100.20 172.19.100.20 netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 203.x.x.25 1

http 0.0.0.0 0.0.0.0 outside
http 172.19.100.64 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
The administrator has disabled public write access.
Time to create page: 0.072 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup