Guest
Archived from groups: comp.security.firewalls
I have a guy in China, and they have Firewall-1. He needs to access the UK
and normally he uses the Cisco VPN client, and connects to the PIX here. It
works fine if he dials an ISP, but not from the LAN. The Firewall-1 manager
has allowed AH, ESP and IKE (UDP 500) through in both directions, but the
client cannot 'see' the PIX and times out. They are using NAT on the
firewall, but I have had it working fine through NAT before.
There seems to be an option on the client for using TCP, rather than UDP,
but I cannot find anything for the PIX, only the VPN Concentrator.
Any help gratefully received. Thanks.
Reg