PIX L2L internet traffic

Unanswered Question
Jun 25th, 2008
User Badges:

Hi,


We have a PIX (6.3) L2L IPSec VPN tunnel. My question is if I let all the internet traffic from remote site to go to the central site, can the central site PIX allow the internet traffic to go out again?


Thanks, Leo

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Wed, 06/25/2008 - 07:16
User Badges:
  • Green, 3000 points or more

Not with pix 6, you need pix 7 to do this by hairpinning on the outside interface.

xzjleo2005 Wed, 06/25/2008 - 16:57
User Badges:

Thanks for the reply.


One more question here:


When I build up the IPSec VPN (PIX 6.3), both tow PIXs use command "route outside 0.0.0.0 0.0.0.0 GatewayIP" . But if I change it to "route outside PeerIP 255.255.255.255 GatewayIP", the VPN does not come up. Do you know why?


Thanks, Leo



Actions

This Discussion