Does anyone know if there is any work being done to enable some sort of IPsec ESP session multiplexing for PIX firewalls using PAT? I know that it's not possible today, but SonicWALL and Nexland devices can already support multiple IPsec client connections initiated from nodes on the inside interface of the firewall, and it is becoming increasingly frustrating that the PIX cannot.
I'm aware that CVPNC 3.x can encapsulate IPsec in TCP or UDP for tunnels that terminate on VPN 3000 Concentrators. I've used the feature several times for several customers, but other customers and my own staff frequently have the need to tunnel to a PIX through a PIX (with PAT). Other customers need to tunnel to a non-Cisco IPsec VPN server with a non-Cisco IPsec client (like the SafeNet Soft-PK client, for instance). Even once "IPsec over TCP/UDP" is implemented in IOS and PIX OS (is there any ETA information about this?), the latter will still be a problem.
Learn about the rapidly evolving cyberthreat landscape and how both organizations and users can protect themselves as we transition to a forever hybrid world through a conversation with Cisco Talos Security Research Leader for Europe, Middle East, Africa,...
When we said the word “hybrid” in the past, it usually recalled the image of a new variety of plant or maybe an electric car. These days, it applies to the workplace too.
The future of work isn’t “changing” to a h...
Thanks for attending our Ask the Experts (ATXs) session! Here’s the post-session resources for easy reference.
New to ATXs? An ATXs session, offered at no cost, is an hour of real-time learning led by Cisco experts, who will answer your technology q...
Cisco Secure Endpoint
New packages fit for every organization
Every Cisco Secure Endpoint (formerly AMP for Endpoints) package comes with Cisco SecureX built-in. It’s our cloud-native platform that integrates all your security solutions into one view wit...