I have two pix 515's. I have equipment that I need to access behind one firewall on a 10.10.14.xx subnet. The other firewall where I reside is on a 10.10.12.xx subnet behind the other firewall. On the 10.10.14.xx network firewall I have static (inside,outside) statements that tell the firewall from external ip address mapped to internal ip address. I also have a conduit permit statement saying external host ip address permit by external subnet of our LAN.
So what happens is while I'm at work in my 10.10.12.xx network its NAT to and external IP address. employees access equipment by external ip address and it works great. Once I get home I can't access it and thats good. I want employees to use VPN. However thats not set up correctly. VPN is set to only have access to 10.10.12.xx network via 10.10.15.xx
confusing but I need to be able to VPN in under a 10.10.15.xx address which connects to the 10.10.12.1 firewall and have the 10.10.12.1 firewall talk to the 10.10.14.1 firewall. I think if I get that working employees wont have to access the equipment on an outside ip address.
I also have two seperate windows 2003 servers running dhcp. one for the 10.10.12.1 network and 10.10.14.1 network.
thanks in advance