Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
254
Views
0
Helpful
1
Replies

VPN 3000 in single DMZ

stuart.christie
Level 1
Level 1

‎02-22-2005 09:38 AM - edited ‎02-21-2020 01:37 PM

Hi,

Is it possible to either connect both the public and private interfaces of a VPN 3000 Concentrator to a single DMZ subnet, or to use the concentrator with only one interface connected? (Irrespective of whether either is a good idea!)

Thanks

Stuart

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎02-24-2005 08:26 PM

The concentrator does support one-armed tunnelling, no problem. Use the Private interface of the concentrator for this rather than the Public. This doesn't work for LAN-to-LAN tunnels (only remote VPN clients), you also lose IPsec over TCP and load-balancing features. Not a recommended solution but certainly does work.

You couldn't really connect up both interfaces to a single DMZ cause that would imply both interfaces have to be in the same subnet, which is not supported.

0 Helpful
Customers Also Viewed These Support Documents