Sounds like you're not allowing split tunnel on the Pix. With out split tunnel, the client defaults to encrypting all packets and forwarding them to the PIX, even if the destination is on the local segment.
Chuck Church CCIE #8776, MCNE, MCSE Wam!Net Government Services 13600 EDS Dr. Herndon, VA 20171 cell 585-233-2706 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of d tran Sent: Tuesday, March 11, 2003 8:31 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Problem with Cicso VPN Client 3.6.3.B-k9 connecting to a pix Hi, I have Cisco VPN client version 3.6.3.B-k-9 (latest version) running windows XP Service Pack 1. The IP address of this window machine is 172.16.1.200. I set up extended authentication on the Pix firewall for remote Cisco VPN users and everything is working great. The outside interface of the firewall is 172.16.1.1 with a netmask of 24 The problem is that whenever the windows is rebooted, no one on the 172.16.1.0/24 network can ping this Windows XP machine. I do have a unix machine on the same network (172.16.1.100). Basically the windows XP machine can not do anything because it has no network connectivity. Even the firewall can not ping the Windows XP machine. The only way for this to work is for me to "uninstall" Cisco VPN Client and reboot the Windows XP box. After the reboot, windows is working again. Now under Windows XP Task Manager, I do see a process "CVPND.exe" running that I don't recall with previous versions of Cisco VPN Client. Anyone has run into this problem before? Regards, David --------------------------------- Do you Yahoo!? Yahoo! Web Hosting - establish your business online Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65311&t=65311 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
