XPost: comp.dcom.sys.cisco   
   From: roberson@ibd.nrc-cnrc.gc.ca   
      
   In article ,   
   JammyKat  wrote:   
   :We're trying to establish a VPN from inside the network to a web   
   :server on the DMZ with no luck.  We're just using the PIX, no VPN   
   :concentrator.  Other VPNs from inside-outside and outside-inside are   
   :working fine.  This one just won't connect.  Any ideas?   
      
   Please post a bit of a diagram. From your message, I am not sure   
   whether the starting point is a host on the inside network (with   
   vpn client software), or if you are trying to create a VPN between   
   the PIX itself and the web server? Or is the PIX the destination point   
   for the VPN with a plain non-VPN connection to the WWW server? Are   
   you just trying to pass through the PIX but the PIX is otherwise not   
   involved in the VPN?   
      
   Should your VPN be in terms of internal IP addressing, or should   
   it be be doing NAT as it crosses interfaces? What relevant static's   
   and global's and nat's do you have? What VPN protocols are involved --   
   isakmp (UDP 500), AH, ESP, GRE, UDP 4500?   
      
   What are you seeing in the PIX syslogs?   
      
   --   
      Look out, there are llamas!   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)