I did try to clear the sas on both sides, and it didn't seem to have an effect.
I'm using nat 0 so that the client on the inside is not NATted at the
external interface of the PIX, which would break the IPSec tunnel. I am
using sysopt connection permit-ipsec, which does what you describe.
Ben
ry 09, 2001 10:57 AM
To: [EMAIL PROTECTED]
Subject: Win2k and PIX IPSec?
Has anyone sucessfully set up an IPSec tunnel between a Windows 2000
client running the native Win2k IPSec stack and a PIX? If so, do you
have a sample config?
I'm able to establish an SA between the PIX and the Win2k bo
I've had that error before. It was between 2 PIX's though. The fix ( on
both sides ) was to do a "clear crypto ipsec sa" and "clear crypto isakmp
sa". And then it worked. It was like the SA's got outa sync or something.
Or one side had a valid SA and the other didn't. On a side note - have yo
Has anyone sucessfully set up an IPSec tunnel between a Windows 2000
client running the native Win2k IPSec stack and a PIX? If so, do you
have a sample config?
I'm able to establish an SA between the PIX and the Win2k box, but I'm
unable to pass traffic. For instance, a ping from inside the PIX
ween 1024-65535".
Kenny
- Original Message -
From:
Kenny
Sallee
To: [EMAIL PROTECTED]
Sent: Tuesday, July 11, 2000 6:20
PM
Subject: WIN2K and PIX
Has anyone needed to allow all Win2k admin BS
through a PIX firewall? RPC is about the only thing not working.
Has anyone needed to allow all Win2k admin BS
through a PIX firewall? RPC is about the only thing not working.
I've got it opened up 100% - including the following for RPC:
established
tcp 0 135 permitto tcp 135 permitfrom tcp 1024-65535
Anyone
dealt with this before? There are Win2K
6 matches
Mail list logo
