Skip to main content

Allow IPSec through PIX 506E

More
17 years 8 months ago #20167 by georgeqiso
Hello all!

I`m having a huge problem with remote VPN connection to the WatchGuard VPN server using WatchGuard VPN software through my PIX 506E firewall. I`m not good with FireWalls and I`ll might have some mistakes in my question and I`m sorry for that.
Ok Here is the situation.The Watchguard VPN server on remote site uses IPSec to accept remote connections,I want to use the same WatchGuard VPN software to connect to the server,but it fails.as I mentioned I have a PIX506E in my office.My question is, do i have to do some config in my PIX to allow connection to the VPN server.
I hope I described my problem clearly,if not forgive me please
More
17 years 8 months ago #20230 by georgeqiso
I don`t believe!Nobody has the answer?
More
17 years 8 months ago #20240 by Smurf
Have you allowed the IPSec Ports/Protocols through and also the necessary Static command to map to the VPN Server on the inside ?

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 7 months ago #20725 by ZiPPy
wow, to bad this post kind of died, was curious about the answer and final result. Why mix the two, WatchGuard and a PIX? Just curious in the topology and setup of that network.


ZiPPy

ZiPPy
More
17 years 6 months ago #21604 by semper
Are you wanting something like this:

vpn client / internal network -- pix firewall -- internet -- vpn server (??)

If that's the case you will need to add "sysopt connection permit-ipsec" in your pix firewall and that will allow IPSec tunnels originationg from the internal network through the PIX to a remote VPN server.
More
17 years 6 months ago #21619 by Smurf
didn't know that, will that command mean that you don't need to add the necessary ports on an outgoing ACL ? thanks for the post

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.129 seconds