cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
242
Views
0
Helpful
3
Replies

PIX 515 Route from Client VPN to separate IPSEC VPN device?

dkraut
Level 1
Level 1

I cannot get this to work? We have a pix 515 (6.3) that we use for remote user access and Internet access. We recently added a netscreen 50 to the mix, which connects us to our partner company via IPSEC VPN. The inside interface of both devices are on the same subnet. The remote user Cisco VPN users are on a different subnet. When remote users connect to our office via Cisco VPN client to the PIX, we cannot access the the netscreen inside interface or our partner compnay. Any tips, config examples? Thanks!

3 Replies 3

Marwan ALshawi
VIP Alumni
VIP Alumni

make sure u have nat exmption applied properly on the PIX to the VPN client address pool

on the netscreen make sure that net screen has a route to the vpn client address pool point to the inside pix interface ip address

on the pix u need to add a route that poin to the partner network point to the netscrren inside ip as well

on netscreen u need to include the client vpn address pool in the ipsec interesting traffic

i have no experience with netscreen but the above needs to be done to get ur network operational

good luck

if helpful Rate

thanks... I was just interested in what needs to be configured on the pix to allow remote access vpn users to connect to the pix and then be allow them to access a remote office over a separate ipsec vpn.

do u have a route statment to the partner network point to the other firewall inside interface thorugh ur inside pix firewall ?

do u have the nat exmption configured correctly

good luck

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: