02-20-2005 04:00 AM - edited 02-21-2020 01:37 PM
I have a PIX 515 (Central) with several internal networks. I want to connect a PIX 501 (Remote) with a dynamic IP address to the 515 as a LAN extension. We currently have VPN clients connecting to the 515.
The 515 is on 192.168.10.0/24 network. The servers I want to talk to are on the 192.168.1.0/24 network.
The 501 is on the 192.168.51.0/24 network.
What network address should I terminate the tunnel on? 192.168.10.0? or 192.168.1.0/24. Do I need some routes on the PIX?
Thanks
02-20-2005 09:32 AM
I assume 10.0 is on the inside network, 1.0 is on the DMZ of the 515. You should define the traffic for both networks to be tunneled.
On the 501 VPN interesting traffic is as follows.
src addr 51.0 dst addr 10.0
src addr 51.0 dst addr 1.0
On the 515 VPN interesting traffic is as follows
src addr 10.0 dst addr 51.0
src addr 1.0 dst addr 51.0
02-25-2005 03:58 AM
Thanks, got it to work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide