Announcement

Collapse
No announcement yet.

Cisco PIX 515E configuration

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco PIX 515E configuration

    Hello folks -

    I have a Cisco PIX 515E that is at our main site. We have a branch site that is connected to our main site using Cisco 2821 router. Our network address at the main site is 10.0.0.0/24, and at our branch site is 10.2.2.0/24.

    When I VPN in from home, I get an address like 172.16.x.x, /16 from the PIX.

    From home I am unable to get to any devices at the branch site. I've ried the following but that did not resolve the issue.

    On the branch site router:
    ip route 172.16.0.0 255.255.0.0 172.16.80.1 (ip address of router connecting the main site to the branch site)
    ip route 172.16.0.0 255.255.0.0 10.0.0.1 (ip add of Cisco PIX at main site)

    On the main site router:
    ip route 172.16.0.0 255.255.0.0 10.0.0.1

    Can you guys tell me where am I going wrong or what do I need to do?

    Thanks!

  • #2
    Re: Cisco PIX 515E configuration

    Hi kunz12,

    Hmm, just a thought - is your default gateway correct on the VPN adaptor of your VPN client? Meaning, do you receive one and is it correct?

    Is there another router between these two? 172.16.80.1 ?

    If so, does it have the right routes configured?

    Perhaps you could draw a simple picture Visio to show what networks are where, the routes on each device, and to help us userstand the network bettter. I will attach a sample Visio diagram.

    Thanks for your post!
    Attached Files
    David Davis - Petri Forums Moderator & Video Training Author
    Train Signal - The Global Leader in IT Video Training
    TrainSignalTraining.com - Free IT Training Products
    Personal Websites: HappyRouter.com & VMwareVideos.com

    Comment


    • #3
      Re: Cisco PIX 515E configuration

      Originally posted by kunz12 View Post
      Hello folks -

      I have a Cisco PIX 515E that is at our main site. We have a branch site that is connected to our main site using Cisco 2821 router. Our network address at the main site is 10.0.0.0/24, and at our branch site is 10.2.2.0/24.

      When I VPN in from home, I get an address like 172.16.x.x, /16 from the PIX.

      From home I am unable to get to any devices at the branch site. I've ried the following but that did not resolve the issue.

      On the branch site router:
      ip route 172.16.0.0 255.255.0.0 172.16.80.1 (ip address of router connecting the main site to the branch site)
      ip route 172.16.0.0 255.255.0.0 10.0.0.1 (ip add of Cisco PIX at main site)

      On the main site router:
      ip route 172.16.0.0 255.255.0.0 10.0.0.1

      Can you guys tell me where am I going wrong or what do I need to do?

      Thanks!

      Tips >

      -Make sure VPN account for you is created in PIX with password.
      - I hope your using Cisco VPN client software to connect to your company intranet from your home PC .
      - There is nothing to do with those IP's. Which ever ISP you have at home, doesnt matter.

      First thing is you must be able to connect to your VPN network.

      Commonly most people specify > vpn.abc.com ( The VPN string ) & user name/group with password.

      Once you are connected, try to ping to any machine,server in your company network. But ebfore anything, you must be able to connect and for that make sure your user name for VPN connection is available in 515e PIX. We have the same PIX in our head office and at branch office.

      I suggest you to specify VPN string not the IP address while connecting.
      All in 1
      Solaris,Linux & Windows admin + networking.

      Comment


      • #4
        Re: Cisco PIX 515E configuration

        Can you post the config from the pixen here? Strip the strings out of course and any public IPs.

        Sounds like either you're missing a rule or you may need on the main pix same-security permit inter-interface or something like that depending on how your network is setup.
        Thanks,
        Brian Desmond
        Microsoft MVP - Directory Services
        www.briandesmond.com

        Comment

        Working...
        X