- Posts: 1
- Thank you received: 0
PIX VPN client question
10 years 5 months ago #38540
by necro
PIX VPN client question was created by necro
Hi,
I have a PIX 515e confirgure with VPN remote access.
VPN client successfully connected from outside.
The VPN ip pool is 172.19.100.101~
How can the VPN client access a Internal server with ip 172.59.1.10?
below is the simplified version of config:
=~=~=~=~=~=~=~=~=~=~=~=
sh run
: Saved
:
PIX Version 6.3(1)
access-list outside_access_in permit ip 172.19.100.96 255.255.255.240 interface inside
access-list inside_outbound_nat0_acl permit ip any 172.19.100.96 255.255.255.240
access-list inside_outbound_nat0_acl permit ip any host 172.59.1.1
access-list inside_outbound_nat0_acl permit ip host 172.19.100.64 host knizam
access-list outside_cryptomap_dyn_20 permit ip any 172.19.100.96 255.255.255.240
access-list outside_cryptomap_20 permit ip host 172.19.100.64 host knizam
no pager
logging on
logging timestamp
logging trap warnings
logging facility 22
logging device-id string pixfirewall
logging host inside Linux_File_Srv
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 203.x.x.27 255.255.255.248
ip address inside 172.19.100.20 255.0.0.0
no ip address intf2
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action alarm
ip audit attack action alarm
ip local pool klccippool 172.19.100.101-172.19.100.105
arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 203.x.x.26 172.19.100.64 netmask 255.255.255.255 0 0
static (inside,outside) 172.19.100.20 172.19.100.20 netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 203.x.x.25 1
http 0.0.0.0 0.0.0.0 outside
http 172.19.100.64 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
I have a PIX 515e confirgure with VPN remote access.
VPN client successfully connected from outside.
The VPN ip pool is 172.19.100.101~
How can the VPN client access a Internal server with ip 172.59.1.10?
below is the simplified version of config:
=~=~=~=~=~=~=~=~=~=~=~=
sh run
: Saved
:
PIX Version 6.3(1)
access-list outside_access_in permit ip 172.19.100.96 255.255.255.240 interface inside
access-list inside_outbound_nat0_acl permit ip any 172.19.100.96 255.255.255.240
access-list inside_outbound_nat0_acl permit ip any host 172.59.1.1
access-list inside_outbound_nat0_acl permit ip host 172.19.100.64 host knizam
access-list outside_cryptomap_dyn_20 permit ip any 172.19.100.96 255.255.255.240
access-list outside_cryptomap_20 permit ip host 172.19.100.64 host knizam
no pager
logging on
logging timestamp
logging trap warnings
logging facility 22
logging device-id string pixfirewall
logging host inside Linux_File_Srv
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside 203.x.x.27 255.255.255.248
ip address inside 172.19.100.20 255.0.0.0
no ip address intf2
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action alarm
ip audit attack action alarm
ip local pool klccippool 172.19.100.101-172.19.100.105
arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 203.x.x.26 172.19.100.64 netmask 255.255.255.255 0 0
static (inside,outside) 172.19.100.20 172.19.100.20 netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 203.x.x.25 1
http 0.0.0.0 0.0.0.0 outside
http 172.19.100.64 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
Time to create page: 0.107 seconds