Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
461
Views
0
Helpful
2
Replies

vpn tunnel to perimeter

hborn
Level 1
Level 1

‎07-08-2002 06:01 AM - edited ‎02-21-2020 11:54 AM

I work with a PIX515. Terminating a VPN tunnel (L2TP/IPsec connection) on the outside interface works fine. But my goal is to terminate the tunnel on a perimeter interface. I have tried several things but I can't get it to work.

Checking the syslog shows that the udp traffic on port 1701 reaches the interface on the perimeter network. But for some reason the firewall doesn't answer.

Has anyone established successfully a vpn tunnel to a perimeter interface? Can anyone help me? Sample Config?

Thank you.

Hans

Labels:
0 Helpful
2 Replies 2

yusuff
Cisco Employee
Cisco Employee

‎07-08-2002 09:18 PM

You can terminate an IPSec tunnel on any interface on the PIX eg outside, dmz etc.

Make sure you enable isakmp on your dmz, for eg;

!

isakmp enable outside

isakmp enable intf2

!

crypto map test-intf2 interface intf2

crypto map test-out interface outside

http://www.cisco.com/warp/customer/110/client-pixhub.html

HTH

R/Yusuf

0 Helpful

hborn
Level 1
Level 1
In response to yusuff

‎07-09-2002 01:09 AM

Dear Yusuf

Thanks a lot for your answer and the the link. That's right, I can terminate the tunnel on any interface as long as this interface is also connected to the "outside" world (as described in your link) but NOT when I have only one "outside" and the traffic must "flow" through the pix to the perimeter interface.

Greetings

Hans

0 Helpful
Customers Also Viewed These Support Documents