The customer has been using a PIX to terminate clients and remote site VPNs across the Internet. The customer also has a Border Manager proxy for Internet access for all users (internal and VPN), so for VPN users Internet access was from client -> PIX -> Border Manager -> Internet router and vice versa.
See enclosed diagram.
Because of the limitations on the PIX (split horizon), the remote site VPNs were moved to a router. Everything is OK except intermittent problems with the Internet access. What we see is that some packets from the Border Manager destined for a remote site user go straight out of the outside interface of the Border Manager instead of going to the VPN router to be encrypted.
I have done sniffer traces on all interfaces but cannot see anything. What we do see is the route changes on the Border Manager, but as there is only static routing I cannot see why.