You will have to use NAT instead of PAT for these clients. ISP is a layer 3
protocol and PAT uses layer 4....tcp port assignments. Make sure protocol
50, 51, and udp port 500 are opened up for outbound connections. Check the
client log to see where it is failing in the negotiation. That will give you
an idea of what add'l configuration is required for the outside interface.
HTH,
MikeN
""r r"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> does anybody have ideas on what is needed to use a vpn
> client through a pix running nat? another way to put
> it: i have users inside the pix wanting to vpn to
> another host across the internet through our pix
> running nat/pat. the vpn client says it gets
> connected but disconnects after a couple of minutes.
> i dont know if it really connects or just says it does
> but it doesnt seem to work. any ideas?
>
> D
>
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant messaging with Yahoo!
Messenger
> http://im.yahoo.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17798&t=17782
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
