PIX 501 routing problem

    Hi Guys,

    I'm trying to create a VPN from my PIX 501 to a Juniper 5gt. The VPN part, from what I understand, looks easy enough. My real problem is the routing between them.
    I'm using an XP box to simulate my internet. It has 2 NICs and routing has been enabled in the system registry.

    background info:

    Juniper Side:
    Client: 192.168.100.10/24
    Inside IP: 192.168.100.3/24
    Outside IP: 10.0.0.3/29

    "Internet"
    Juniper side: 10.0.01/29
    Cisco Side: 200.50.13.1/29

    Cisco Side
    Client : 192.168.254.4/24
    Inside IP: 192.168.254.3/24
    Outside IP: 200.50.13.3/29

    Now I've added a route to the Cisco:
    address: 0.0.0.0/0 gateway: 200.50.13.1

    I've also allowed ICMP and TCP/IP on the Cisco using default routes.

    That has allowed me to ping 200.50.13.1 (obviously) and 10.0.0.1, but not 10.0.0.3.

    On the Juniper side, I've added a source route:
    address: 0.0.0.0/0 gateway 10.0.0.1

    Default policies remain on the Juniper (any-any).

    That has allowed the Juniper client to ping 200.50.13.1 AND 200.50.13.3.

    ____________________________________________________

    The thing that really bugs me is that the "internet" can ping both untrusted IPs of the Cisco and Juniper. (So I know it's not an issue with not allowing ping on each device.) I can even remote desktop to the "internet" but just can't seem to reach 10.0.0.3.

    If you need more information to help don't forget to ask. Thanks. I really appreciate it.
    Last edited by sabbyman; 14th January 2009, 13:32. Reason: small errors in details