Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
0
Helpful
2
Replies

Configuration to reach "outside" subnet

peada04
Level 1
Level 1

‎07-26-2008 07:46 AM - edited ‎03-09-2019 09:10 PM

Hi,

I have a PIX 501 with a VPN configured (pool addresses are 172.1.1.0) which enables communication to the "inside" subnet (10.1.2.0) - this works fine. Now I want to extend that so that users connected to this VPN can also communicate to machines on the "outside" subnet (10.1.1.0) and out to the Internet (via gw 10.1.1.1). Is this possible? Appreciate any help!

Labels:
23661-pix.conf
0 Helpful
2 Replies 2

husycisco
Level 7
Level 7

‎07-26-2008 08:00 AM

Hello Dan,

You have to permit the traffic that enterst the interface to exit the same interface, which is accomplished by "same-security-traffic permit intra-interface" command. But unfortunately, this command exists in IOS version 7.2 or greater.

Regards

0 Helpful

peada04
Level 1
Level 1
In response to husycisco

‎07-26-2008 10:05 AM

Thanks for the quick answer. I guess there are no work arounds? Guess I'll just have to put the machines I want to access behind the PIX. Thanks again!

0 Helpful
Customers Also Viewed These Support Documents