PIX 501 client VPN

Unanswered Question

I use PIX 501 firewall and setup remote VPN aleady. but VPN client cant access intranet servers from outside. I want ask if intranet servers gateway address is not PIX intranet address is work? or all intranet server must need point to PIX intranet interface adddress ? e.g if PIX intranet interface address is 10.10.10.254 my intranet server gateway must 10.10.10.254 right ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
thomas.chen Thu, 02/15/2007 - 15:07

The default interface ip address can be PIX interface so that the packets can be forwarded to PIX gateway address.

kaachary Fri, 02/16/2007 - 05:49

Hi Alex,

There are two ways to achieve this:

1: Either you can point the default gateway for the Intranet servers to be PIX inside interface.

Or

2: You can add a static persistent route on the server for the vpn client pool, pointing to the PIX inside interface. E.G.

Client pool - 192.168.2.0/24

PIX Inside : 10.10.10.254

then add a route on the server as :

route add 192.168.2.0 mask 255.255.255.0 10.10.10.254

HTH,

-Kanishka

Actions

This Discussion