I have 2 PIXes (501 and 506) that I am setting up as a test. I want one of the PIXes to handle all of the incoming VPN and the other to be the gateway firewall.
I am having problems when someone connects to the VPN. The connection gets made and they get an IP address. The PIX hosting the VPN allows packets to come through, but they don't know how to go back out through the VPN PIX. I could see the ping trying to get translated to the public IP of the gateway firewall. So I added the route so packets destined for my VPN IP local pool would be sent to that internal IP that I have the VPN PIX set up on.
I'm missing something. Hopefully, I explained enough so someone can tell me what.
Basically: 2 PIXes
VPN traffic can come in pixB but doesn't know to go back out to VPN IPs through pixB
Everything works if I set the route on the machine itself.