Route VPN Traffic

Unanswered Question

Hi, I have a PIX 515E with version 7.x. It has two different internet links connected, one is used to get access to Internet from inside and the other I would like to use only for dynamical VPN clients.

How I have to configure this to make the VPN traffic, that comes from the second link go back for same interface? in actual configuration I have a default route pointing to first link.

I need use “same-security-traffic permit intra-interface” command to do this?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Wed, 12/19/2007 - 10:53
User Badges:
  • Green, 3000 points or more

same-security-traffic permit intra-interface will not help in this case since the pix can only have 1 default gateway. You would have to know the source address of the vpn clients to be able to route to them from the second interface.


This Discussion