03-22-2007 12:27 PM - edited 02-21-2020 02:56 PM
Ookay, hopefully somebody can take a few minutes to help me out here.
I have three sites that all have Pix501 running version 6.3 that I need to connect to each other using VPN Tunnels. Site 1 is my main office where my server is located and both Site 2 and 3 need access.
For logging purposes I do not want to use NAT, but pass the actual host IP's when transmitting back and forth across the tunnels.
I tried working off the instructions for a fully-meshed set up, but I can't get the tunnels to come up.
I am using cable modems (same at all three sites) for connectivity.
Anybody know of a link or site specific to how to's for newbie's?
I also have 3 1751 routers. 1 at each location that are currently controlling Point-to-Point partial T-1's that if I can come up with a quick fix can be used to solved the problem. I am actually replacing these T-1 connections with VPN tunnels to save costs.
They are running IOS version 12.2(13)T3.
Thanks!
03-22-2007 04:22 PM
Please go through the following doc :
*Please rate if it helped.
-Kanishka
03-23-2007 09:08 AM
Okay, I looked through the documentation for the fully-meshed configuration, the only snag that I am running in to with it so far is that it still does NAT for public.
This is the setup that I need..
. . . . . . . . . .INTERNET
. . . . . . . . . . . ^
. . . . . . . . . . . |
. . . . . . . . . CISCO 1751
. . . . . . . . . . . ^
. . . . . . . . . . . |
. . . .INTERNET <---PIX501--->INTERNET
. . . . . ^ . . .(MAIN OFFICE). .^
. . . . . | . . . . . . . . . . .|
. . . . PIX501. . . . . . . . .PIX501
. . . .(BRANCH1). . . . . . . (BRANCH2)
Kinda hard to draw it out here, but I think everyone can get what I am trying to do out of that diagram.
The 1751 router handles my main internet feed plus connectivity to a data processor. Each of the PIX501 boxes are connected to Cable Internet.
There is a 1751 at each of the branches connected to point-to-point partial t-1's right now, but we are trying to replace that solution with the PIX boxes and the cable internet to cut costs..
Any help would be appreciated! Thanks!
03-23-2007 09:22 AM
Could you explain "it still does NAT for public."?
03-23-2007 10:15 AM
Because of the connectivity requirements of my data processor, connections from the branch offices have to go through with their machine ip's.
So going out through the 1751 I need to make sure that branch2.x.x.x ip is still listed as the source ip and not a single NAT ip.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide