Hi RR,
You can get it to work using static one-to-one NAT if you are careful about
the IPSEC algorithms you use (you can't use AH, since it verifies the fields
in the encapsulating packet, which are ofcourse modified by the NAT
process), but you can use ESP (which is where the encryption is done). So
maybe check that your not using AH.
C
-----Original Message-----
From: r r [mailto:[EMAIL PROTECTED]]
Sent: 31 August 2001 03:47
To: [EMAIL PROTECTED]
Subject: Re: vpn through pix [7:17782]
yes, pat running on the pix. i did make static
translations for the vpn users so they dont have a pat
address.
Are you running PAT on the pix?
----- Original Message -----
From: "r r"
To:
Sent: Wednesday, August 29, 2001 8:19 PM
Subject: vpn through pix [7:17782]
> does anybody have ideas on what is needed to use a
vpn
> client through a pix running nat? another way to
put
> it: i have users inside the pix wanting to vpn to
> another host across the internet through our pix
> running nat/pat. the vpn client says it gets
> connected but disconnects after a couple of minutes.
> i dont know if it really connects or just says it
does
> but it doesnt seem to work. any ideas?
>
> D
>
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant
messaging with Yahoo!
Messenger
> http://im.yahoo.com
Message Posted at:
__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18230&t=17782
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
