Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
581
Views
3
Helpful
5
Replies

Routing between multiple VPN's into a 506E?

LLOCNate1
Level 1
Level 1

‎04-10-2006 08:41 AM

Hello, I've got a 506E that is the central point for 11 remote locations. 11 VPN tunnels have been established and traffice is flowing between the 506E and each invididual Remote. We also have the CIsco Software client 4.0.4 configured and operating smoothly. What I can't get working is routing traffic between the VPN's either IPSEC clients or the Software client. Each VPN's subnet is isolated.

IP Scheme:

Main office 10.0.0.0

Remote Loc's 192.168.X.0

Software Client 10.1.1.0

The current config can be posted if need be.

THANKS in ADVANCE!

Labels:
0 Helpful
5 Replies 5

akin.oyelakin
Level 1
Level 1

‎04-11-2006 08:01 AM

Hi,

This may not be possible using PIX. PIX does not route traffic received on one interface back out the same interface. so inter-spoke communication is not possible. two things u can do.

1. do a full mesh IPSEC config for spoke that need to communicate with each other.

2. do the HUB/ Spoke arrangement using a router or VPN concentrator (i.e terminate the IPSec VPN on them)

pls check

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093bd3.shtml

0 Helpful

LLOCNate1
Level 1
Level 1
In response to akin.oyelakin

‎04-11-2006 09:21 AM

I should be able to route ALL VPN traffic to a local router and then route it back out? the correct IPSEC tunnel, though, can't I?

Thanks!

0 Helpful

akin.oyelakin
Level 1
Level 1
In response to LLOCNate1

‎04-12-2006 02:44 AM

Hi, cisco seems to have fixed this problem in 7.0 version of PIX os pls look at this link

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

rate if it helps

LLOCNate1
Level 1
Level 1
In response to akin.oyelakin

‎04-12-2006 08:43 AM

I appreciate the help on this, but unfortunately ver. 7 isn't supported on a 506E...

0 Helpful

globalnettech
Level 5
Level 5
In response to LLOCNate1

‎04-13-2006 10:37 PM

Hello,

as of now, version 7 is indeed not supported on the 506E. As a matter of fact, I don´t think you can accomplish what you want with the 506E. If you run 6.3, this allows you to run a small number of VLAN´s (2) when configuring the PIX to trunk with a switch (see the link below for a configuration example), but obviously that is not nearly enough for the amount of connections you have...

Using VLANs with the Firewall

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113411

HTH,

GNT

0 Helpful
Customers Also Viewed These Support Documents