
VPN Tunnel Between Pix & Router

Mohamed Sobair
Level 7

Guys,

I would like to set up a basic VPN tunnel between a router and a PIX firewall. What should I keep in mind? Also, could anybody show me a sample config that should be done on the PIX?

thanks,

4 Replies

mheusinger
Level 10

Hello,

this should not be too difficult in case you follow

"Configuring IPSec - Router to PIX" at

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094498.shtml

and have the proper IOS versions.

Another option using certificates:

"How to Configure a LAN-to-LAN IPSec Between a Router and a PIX Using Digital Certificates"

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800946c0.shtml

Hope this helps! Please rate all posts.

Regards, Martin

Hi Martin,

Thanks for your input, but I am not sure that I fully understand the text below, from the above link:

This document illustrates an IP Security (IPSec) configuration between a router and a Cisco Secure PIX Firewall. We want to use private internal IP addresses when passing traffic between the headquarters LAN and the remote LANs, and to translate the LAN hosts to routable IP addresses when users access the Internet. However, users can also access public pages on the Internet without their traffic going through the tunnel using the route-map command.

Could you clarify it a little bit more?

Thanks,

Hello,

LAN users behind the router can access the LAN/networks behind the PIX through the IPSec tunnel. In addition, internet access is allowed locally and not through the HQ. When the internet is accessed through the router locally, the router will also perform NAT to allow this.

Hope this clarifies a bit. What is still unclear?

Please rate all posts. Regards, Martin
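
The router-side split described in the reply above, as an added example that is not part of the original posts or of the linked Cisco documents: LAN-to-LAN traffic is exempted from NAT and encrypted, everything else is translated and sent straight to the internet. All addresses, interface names, ACL numbers, the pre-shared key and the IKE/IPSec parameters are constructed placeholders and assumptions; the proposals must match what the PIX at the other end is configured with.

```cisco
! Constructed example. Router LAN 10.2.2.0/24, HQ LAN behind the PIX 10.1.1.0/24,
! router outside 198.51.100.2, PIX outside 203.0.113.10 (documentation ranges).
!
! Phase 1: must match the ISAKMP policy on the PIX (values are assumptions).
crypto isakmp policy 10
 encryption aes
 hash sha
 authentication pre-share
 group 5
crypto isakmp key EXAMPLE-PSK-PLACEHOLDER address 203.0.113.10
!
! Phase 2: must match the transform set on the PIX.
crypto ipsec transform-set TS-HQ esp-aes esp-sha-hmac
!
crypto map VPN-HQ 10 ipsec-isakmp
 set peer 203.0.113.10
 set transform-set TS-HQ
 match address 110
!
interface FastEthernet0/0
 description Outside (internet)
 ip address 198.51.100.2 255.255.255.0
 ip nat outside
 crypto map VPN-HQ
!
interface FastEthernet0/1
 description Inside (branch LAN)
 ip address 10.2.2.1 255.255.255.0
 ip nat inside
!
! Crypto ACL: only branch-LAN to HQ-LAN traffic is encrypted.
! The PIX needs the mirror image of this ACL.
access-list 110 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
!
! NAT ACL: NAT is applied before the crypto map on the way out, so tunnel
! traffic must be denied here or it is translated and no longer matches ACL 110.
access-list 120 deny   ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 120 permit ip 10.2.2.0 0.0.0.255 any
!
route-map nonat permit 10
 match ip address 120
!
! Everything the route-map permits is PAT-ed to the outside address.
ip nat inside source route-map nonat interface FastEthernet0/0 overload
```

After the tunnel is up, `show crypto ipsec sa` should show encaps/decaps counters rising for the 10.2.2.0/24 to 10.1.1.0/24 pair, and `show ip nat translations` should list only internet-bound flows.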

Hi Martin,

You clarified it quite well, but I have one question:

1- What if I want to use all internet services/access via the HO? I mean to say, in my case, I would like users behind the router to use (proxy settings/Internet access/IP telephony communications) that's already applied behind the HO-PIX?

In other words, let's consider the HO here as more like a provider: could I use all the services, including Internet access, through the IPSec tunnel?

Thanks again for your concern,

Mohamed,