- Posts: 2
- Thank you received: 0
Allow IPSec through PIX 506E
- georgeqiso
- Topic Author
- Offline
- New Member
Less
More
17 years 8 months ago #20167
by georgeqiso
Allow IPSec through PIX 506E was created by georgeqiso
Hello all!
I`m having a huge problem with remote VPN connection to the WatchGuard VPN server using WatchGuard VPN software through my PIX 506E firewall. I`m not good with FireWalls and I`ll might have some mistakes in my question and I`m sorry for that.
Ok Here is the situation.The Watchguard VPN server on remote site uses IPSec to accept remote connections,I want to use the same WatchGuard VPN software to connect to the server,but it fails.as I mentioned I have a PIX506E in my office.My question is, do i have to do some config in my PIX to allow connection to the VPN server.
I hope I described my problem clearly,if not forgive me please
I`m having a huge problem with remote VPN connection to the WatchGuard VPN server using WatchGuard VPN software through my PIX 506E firewall. I`m not good with FireWalls and I`ll might have some mistakes in my question and I`m sorry for that.
Ok Here is the situation.The Watchguard VPN server on remote site uses IPSec to accept remote connections,I want to use the same WatchGuard VPN software to connect to the server,but it fails.as I mentioned I have a PIX506E in my office.My question is, do i have to do some config in my PIX to allow connection to the VPN server.
I hope I described my problem clearly,if not forgive me please
- georgeqiso
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
17 years 8 months ago #20230
by georgeqiso
Replied by georgeqiso on topic Re: Allow IPSec through PIX 506E
I don`t believe!Nobody has the answer?
17 years 8 months ago #20240
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Allow IPSec through PIX 506E
Have you allowed the IPSec Ports/Protocols through and also the necessary Static command to map to the VPN Server on the inside ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 7 months ago #20725
by ZiPPy
ZiPPy
Replied by ZiPPy on topic Re: Allow IPSec through PIX 506E
wow, to bad this post kind of died, was curious about the answer and final result. Why mix the two, WatchGuard and a PIX? Just curious in the topology and setup of that network.
ZiPPy
ZiPPy
ZiPPy
17 years 6 months ago #21604
by semper
James
www.securitygeek.net
Replied by semper on topic Re: Allow IPSec through PIX 506E
Are you wanting something like this:
vpn client / internal network -- pix firewall -- internet -- vpn server (??)
If that's the case you will need to add "sysopt connection permit-ipsec" in your pix firewall and that will allow IPSec tunnels originationg from the internal network through the PIX to a remote VPN server.
vpn client / internal network -- pix firewall -- internet -- vpn server (??)
If that's the case you will need to add "sysopt connection permit-ipsec" in your pix firewall and that will allow IPSec tunnels originationg from the internal network through the PIX to a remote VPN server.
James
www.securitygeek.net
17 years 6 months ago #21619
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Allow IPSec through PIX 506E
didn't know that, will that command mean that you don't need to add the necessary ports on an outgoing ACL ? thanks for the post
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.129 seconds