Solved: Site2Site and remote VPN

taquiahmed · ‎03-12-2006

I have a site2site VPN between PIX506 and router 877. Site A has PIX506 and Site B has router 877. I have configured site2site VPN and it worked fine. I also configured remote VPN on PIX 506 so that remote user can access site A. But when I configure remote VPN on PIX506 the site2site VPN is working and both sides can ping each other. But site B users cannot access any network resource or application of SiteA whereas site A can access resources of site B. After removing remote VPN configuration site B can access resources of Site A. I have attached the configuration of both sites. Anyone please help me so that site2site and remote VPN works simultaneously.

jackko · ‎03-12-2006

please excuse me for not reading every single line.

a quick add-on regarding the pix config:

modify "isakmp key ******** address 213.181.169.8 netmask 255.255.255.255" to "isakmp key ******** address 213.181.169.8 netmask 255.255.255.255 no-xauth no-config-mode".

View solution in original post

jackko · ‎03-12-2006

please excuse me for not reading every single line.

a quick add-on regarding the pix config:

modify "isakmp key ******** address 213.181.169.8 netmask 255.255.255.255" to "isakmp key ******** address 213.181.169.8 netmask 255.255.255.255 no-xauth no-config-mode".

taquiahmed · ‎03-17-2006

Thanks Jackko,

Both site2site and remote VPN worked fine. But I have one more issue I have made Static Map for the webserver and I am confused how to apply access list so that internet users can access the webserver. If I apply the following commands will it effect the VPN

static (inside,outside) 213.181.160.44 192.168.0.140 netmask 255.255.255.255 255 0

Access-list 101 permit IP any host 213.181.160.44 eq 80

access-group 101 in interface outside

taquiahmed · ‎03-17-2006

Jackko,

I have applied the above commands and it worked fine.

Thanks.

jackko · ‎03-18-2006

the static command and the inbound acl look perfect, it should not affect the vpn.