Captain Colonoscopy
2[H]4U
- Joined
- Feb 19, 2004
- Messages
- 3,861
So, I have this client that needs to get a VPN tunnel established between their firm and another that they are partnering with on some project so they can share files or something. Client has a Cisco PIX515 and the partner firm has a Linksys RVS4000 firewall. I am pretty sure I have the tunnel setup on both sides correctly as the tunnel comes up but I can't pass any traffic over it from either direction. To make matters worse the partner firm has McCrappy Security Suite installed on all their desktops. So, if someone could take a look and see if they can spot something that I am missing that would be greatly appreciated.
Here are the pertinent portions of the Cisco PIX515 config:
Here is the configuration on the RVS4000 side of things:
Here are the pertinent portions of the Cisco PIX515 config:
access-list vpn permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list vpn permit ip 10.1.0.0 255.255.0.0 192.168.1.0 255.255.255.0
access-list vpn permit ip 10.1.0.0 255.255.0.0 10.254.1.0 255.255.255.0
access-list ipsec permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list split-tunnel permit ip 10.1.0.0 255.255.0.0 10.254.1.0 255.255.255.0
access-list outside_cryptomap_30 permit ip 10.1.0.0 255.255.0.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list vpn
crypto ipsec transform-set 3DES-MD5 esp-3des esp-md5-hmac
crypto map vpnmap 30 ipsec-isakmp
crypto map vpnmap 30 match address outside_cryptomap_30
crypto map vpnmap 30 set peer 7x.20x.22x.11x
crypto map vpnmap 30 set transform-set 3DES-MD5
isakmp enable outside
isakmp key ******** address 7x.20x.22x.11x netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 28800
Here is the configuration on the RVS4000 side of things: