| Author |
How to open inbound ESP protocol on a PIX 515
|
|
| Corbin O'Reilly 2005-05-01, 5:49 pm |
| Hello. We have someone inside our LAN that needs to VPN into a system
outside our firewall. One of the requirements is for Protocol ESP to be open
in both directions, incoming and outgoing. Our PIX 515 does not block
anything outbound. What command line do I need to add to my PIX to open
Protocol ESP inbound? Thanks for the help.
| |
| Lutz Donnerhacke 2005-05-01, 5:49 pm |
| * Corbin O'Reilly wrote:
> What command line do I need to add to my PIX to open Protocol ESP
> inbound?
static.
| |
| Corbin O'Reilly 2005-05-01, 5:49 pm |
| Hi. I am confused by your answer. You wrote "static." Could you please
descibe the answer in more detail or write out the complete command line?
Thanks.
"Lutz Donnerhacke" <lutz@iks-jena.de> wrote in message
news:slrnd71vvr.to.lutz@taranis.iks-jena.de...
>* Corbin O'Reilly wrote:
>
> static.
| |
|
|
| Corbin O'Reilly 2005-05-01, 5:49 pm |
| Hi Lutz. I added some static mappings and it worked. Thanks for helping me
out.
"Lutz Donnerhacke" <lutz@iks-jena.de> wrote in message
news:slrnd721bj.to.lutz@taranis.iks-jena.de...
>* Corbin O'Reilly wrote:
>
> http://www.cisco.com/en/US/products....html#wp1026694
| |
| darkfluid 2005-05-04, 10:10 am |
| Security wise, this isn't that great, I would advise getting a vpn client that will encapsulate into udp packets. (think nortel contivity). That way you don't have to use static mapping, or open everything outbound. |
|
|
|