I have 2 x Pix 501 routers with an IPSEC VPN running between them. The Pixes connect to each other via a couple of Aironet 1200s set up as bridges. It looks a bit like this:
Pix1 -- Aironet1 -- Aironet2 -- Pix2
We have an ADSL router plugged into Pix2 for Internet access as well.
On Pix2 I have the following rules:
access-list inside_outbound_nat0_acl permit ip any any
access-list outside_cryptomap_20 permit ip any 192.168.1.0 255.255.255.0
What I want to be able to do is bypass the VPN for traffic in the 172.16.100.0 subnet so I can manage the Aironets. Otherwise I have to unplug the Pix and plug a laptop into the Aironets to configure them.
Does anyone know how to do that?