08-04-2002 08:26 AM - edited 03-08-2019 11:48 PM
can anyone point me to sample configs using all 3 interfaces?
i would like to use the external interface to provide vpn connectivity to a "pocket" network configured on one of the dmz interfaces of my pix 525 but cant seem to find any examples of using the external interface.
thx for any suggestions.
08-04-2002 03:35 PM
Hi,
There is no sample config in the CCO for VPN 3000 using external interface.
Here is a quick Tip:
1 "Configuration | Interfaces | Ethernet 3" to config the external interface:
Please check "public interface" and choose "public default" as the filter, put in ip address and subnet mask.
2 Because external interface will not use "default gateway", it should use the external interface next hop router to do the routing, so please go to
"Configuration | System | IP Routing | Static Routes" to put static route to make the routing through the external link.
3 "Configuration | System | Tunneling Protocols | IPSec LAN-to-LAN | Modify"
No difference with you configing the LAN to LAN tunnel with public. Please make sure to choose "external" instead of "public" interface.
That is it. Following above steps, it should be working fine.
Best Regards,
08-06-2002 09:38 AM
we are hosting a group of "outsiders" that are using us strictly for outbound connectivity.
what i wish to do is define a group/user on the 3015 that dumps outside users directly into this pocket network. i dont want to give them anymore access in the firewall other than default route. (ie, a way out to internet)
can this be done this way? if this is more involved i will contact TAC but it seemed better to get my education here then consume the tacs time.
08-06-2002 05:19 PM
Hi,
It can be done as you want.
Put those users into that group and assign different ip pool address to them.
you might need config user defined filters and apply to that group to filtering the traffic (deny all except going out through the external interface).,
http://www.cisco.com/warp/customer/471/filter.html
Best Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide