If your "VPN Client" is behind a Router, such as a DSL/Cablemodem Router for the home, you will need to make sure that the device allows NAT, and you configure a static map from a public IP to the private IP of the host in question.
Otherwise, you will experience the problems your describing. I've been working on establishing VPN Dynamic and Static connections with every possible combination cisco has documented for just one of my clients... and what I mentioned above has been the common rule. I've successfully gotten the PIX to VPN Client (3.5.1C)(Dynamic Tunnel Establishment), PIX to PPTP Client (Dynamic Tunnel Establishment), and PIX to PIX VPN (Static Tunnel Establishment) scenario to work, but the common denominator has been that both ends have to have Public Static IPs to get the tunnels to work. If the Client end doesn't come up, it's usually because of PAT, rather than NAT on the client end that is stopping it. I'll be working on tring to get the PIX to PIX Dynamic VPN scenario working this weekend... but again, that will be a challenge, due to the Client PIX being behind a CableModem. Your best bet for configuring your scenario is CCO; do a search for Security Tips, and then go through the numerous config samples until you find the one that matches your scenario... it should be pretty straight forward, and have troubleshooting tips at the end of each scenario. If you have any more questions, feel free to ask! Disclaimer: I am not a PIX expert, but have gained some interesting experience recently on the subject, so I may be able to help. :) If you've got a SmartNet contract, or you have a valid warranty on the PIX... call TAC! They are top notch with this stuff, and can get you going quickly... -Mark -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paul Doyle Sent: Friday, May 10, 2002 5:26 PM To: [EMAIL PROTECTED] Subject: easy VPN tutorial ... [7:43901] Does anyone know of any websites with an easy to follow guide, or easy steps for creating 'client to Pix VPN' ??? I'm having difficulty setting this up ... I've even tried PPTP with no authentication without success ... I am using ver 6.1 for the Pix and 3.5 for the Cisco VPN client ... Any help or suggestions would be greatly welcomed ... Kind regards ... Paul ... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43906&t=43901 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
