cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
331
Views
0
Helpful
3
Replies

Can a VPN client go out same interface on Pix 515

dpatkins
Level 1
Level 1

A user VPN's into a Pix and gets a x.x.x.x address via an ippool on the Pix. Once done, they will need to access information that is on the public network. Can this be done since they will go out the same interface?

I can open ports and route subnets on our core routers, but that does not seem to work.

Thanks

Dwane

1 Accepted Solution

Accepted Solutions

husycisco
Level 7
Level 7

Hi Dwane

You can achieve this by entering the following command

same-security-traffic permit intra-interface

Regards

View solution in original post

3 Replies 3

husycisco
Level 7
Level 7

Hi Dwane

You can achieve this by entering the following command

same-security-traffic permit intra-interface

Regards

jaysoo
Level 1
Level 1

I believe it's called hairpinning and you can only do that on 7.x and above using the same-security feature.

ajagadee
Cisco Employee
Cisco Employee

Yes, this is possible but depends upon what code you are running on the pix. Please refer the below URL that explains the configurations that you are looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml

Regards,

Arul

** Please rate helpful posts **

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: