IPSec and multiple subnets

gcumarasamy · ‎10-04-2002

Hi:

I have a LAN environment with 2 different IP subnets (172.16.0.0/16 and 172.170.0.0/16). My IPSec tunnel is configured for 172.16.0.0 subnet. If a remote users connects to subnet 172.16.0.0/16 through IPSec tunnel they can not access the 172.17.0.0/16 subnet. My understanding is only one subnet can be configured for an IKE tunnel. Is there any other way of allowing the remote users to access the 172.17.0.0 subnet, when they connect using the IPSec tunnel for 172.16.0.0 subnet??

Thanks in advance for your help.

afakhan · ‎10-05-2002

Hi,

You can have your remote users to be able to access multiple subnets behind your Router/PIX/VPN3K, just make sure that if you have split tunneling configured they are included in that, in case of ALL tunneling its not an issue at all, offcourse make sure that users on 172.16/16 and 172.17/16, can route traffic back to pool of IPs that you are assigning to your remote access VPN users!

Let me know, if you have any further Qs.

Thanks,

Afaq