Cisco Pix 501, working around an ISA server.

Unanswered Question

I was wondering if I could ask you a question regarding the pix. We are looking into an alternative way of working around the isa server. We are looking into having a connection from the pix to the switch. Could we configure on the pix to connect directly to the switch only when it's a Cisco VPN client connecting? Also, if it's a "www client" the pix realizes this is an outside connection and redirects the connection to go through the ISA? Please see attachment for clarity.

Thanks for your help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kaachary Mon, 03/05/2007 - 15:55

No, this is not possible. PIX can not d distinguish between tunnel traffic(after decryption) and normal internet traffic for routing.

Moreover, TDG (Tunnel Default Gateway ) was introduced in PIX 7.x code. So, you can not use that. PIX will route tha traffic on the basis of information in routing table.




This Discussion