My customer has a Cisco PIX 515 with a VAC installed. He wants to establish a site to site VPN with another company that has a Checkpoint NG firewall. The customer wants to establish an IPSec tunnel b/w the two firewalls and then establish an L2TP tunnel over it (i.e L2TP over IPSec). This configuration is giving us problems as the IPsec tunnel is succesfully established but when it comes to configuring L2TP over IPsec, it doesnt work.
My question is that whether or not can a PIX firewall outside interface be used to terminate both an IPsec tunnel and L2TP tunnel when it is connecting to a Checkpoint NG firewall which is using separate interfaces for terminating the IPsec and L2TP tunnels. If this can be done, what is the procedure and configuration on the PIX to do that.
Thanks a bunch.