Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
2
Replies

PtoP tunnel on DMZ

vijay sanwal
Level 1
Level 1

‎11-13-2005 04:32 AM

Hi, Can i terminate my PtoP ipsec tunnels on DMZ interface in PIX with ver 7.0.

Pix does not allow redirection or traffic through same interface, is it possible if i use Vlans.

Labels:
0 Helpful
2 Replies 2

jackko
Level 7
Level 7

‎11-13-2005 03:17 PM

you mentioned "to terminate lan-lan vpn on dmz interface". just wondering if you are referring to terminating the tunnel on the outside and only allow access to the dmz; or terminating the tunnel on the dmz interface via the outside interface; or terminating the tunnel directly on dmz interface as dmz is connected to the internet directly.

secondly, pix v7 does re-route ipsec traffic on the same interface.

it would be great if more details are provided, so that we can put in some valuable inputs.

0 Helpful

vijay sanwal
Level 1
Level 1
In response to jackko

‎11-13-2005 11:11 PM

I intend to terminate internet onto my DMZ interface to have my ipsec tunnels open on DMZ port.

This relates to my other mail on "Websense-Pix integration" which u replied.

If i terminate my IPsec tunnels through DMZ, i ll be able to separate traffic going to internet from my branches, which can connect to DMZ port through IPSEC tunnels.

Then, at outside i can monitor traffic for internet.

0 Helpful
Customers Also Viewed These Support Documents