Internet Access through IPSec

Unanswered Question
Jul 19th, 2008
User Badges:

Hi,


I would like to give a following solution to my customer,Please verify my solution,


1. Site A Head Office with PIX 525 connected to Site A ISP.

2. Site is having PROXY SERVER with the port number 3128.

3. Site B Branch office with PIX 515E connected to Site B ISP.


Requirement :


1. IPSec tineel should be established between SIte A and Site B.

2.Then the site B local users should not access the internet directly through Site B ISP,instead the internet traffic has to flow through the IPSesc tunnel to Site A PROXY server and access the Internet.(All Site B node IE are configure with the PROXY settings).


Is it possible,this will help the customer to watch the internet users centrally.


My Views:


1. I will configure both sites Firewall for IPSec (both IPSec and ISAKMP parameters,with NAT0 and ACL)

2. At the site B I will not configure the NAT 1(Inside) and Global 1 (outside),in that case no local node can access the internet.


Is it correct.


Please help me.


Thanks and Regards,


S.Venkataraman.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Sat, 07/19/2008 - 05:36
User Badges:
  • Gold, 750 points or more

it is correct.


At the site B I can configure the NAT 1(Inside) and Global 1 (outside)


and apply ACL to inside interface that permits only traffic between SIte B and Site A



Actions

This Discussion