Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
406
Views
0
Helpful
1
Replies

Remote access vpn

Lharrypersaud
Level 1
Level 1

‎04-05-2005 10:06 AM - edited ‎02-21-2020 01:42 PM

If my private network address is 192.168.2.0 and i want to setup my remote access vpn users to access my network from anywhere in the world, how should i create the access list statement? Should it look like this - access-list 101 permit ip 192.168.2.0 255.255.255.0 any? Sorry i keep asking these simple questions but i am fairly new when it comes to working with vpn on pix firewall

Thanks

Labels:
0 Helpful
1 Reply 1

sachinraja
Level 9
Level 9

‎04-06-2005 12:56 AM

Hello lharry

it depends on your IP pool defined for the remote vpn users.. if the IP pool is in the same range as your PIX inside, you need not have any access-list definition.. If the Ip pool is on a different segment, you need to define nat 0 statement and appropriate ACLs on PIX.

eg.. IP pool 192.168.2.0/24

server IP in inside 10.1.1.1

nat (inside) 0 access-list nonat

access-list nonat permit ip host 10.1.1.1 192.168.2.0 255.255.255.0

access-list inside permit ip host 10.1.1.1 192.168.2.0 255.255.255.0

thats it.. you need not define any crypto ACLs here because the tunnel always initiates from the other end...

HTH

Raj

0 Helpful
Customers Also Viewed These Support Documents