Configuration to reach "outside" subnet

Unanswered Question

Hi,

I have a PIX 501 with a VPN configured (pool addresses are 172.1.1.0) which enables communication to the "inside" subnet (10.1.2.0) - this works fine. Now I want to extend that so that users connected to this VPN can also communicate to machines on the "outside" subnet (10.1.1.0) and out to the Internet (via gw 10.1.1.1). Is this possible? Appreciate any help!

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
husycisco Sat, 07/26/2008 - 08:00

Hello Dan,

You have to permit the traffic that enterst the interface to exit the same interface, which is accomplished by "same-security-traffic permit intra-interface" command. But unfortunately, this command exists in IOS version 7.2 or greater.

Regards

Actions

This Discussion