Multiple internal networks

Unanswered Question

I'm using site to site vpn on pix 501's using pre-shared keys. I just followed the instructions contained at http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/sit2site.htm

what do I need to add to these configs if I have multiple internal networks on each pix. ie the above doc as an internal network of 192.168.12.0 on pix firewall 1 and and 10.0.0.0 on pix firewall 2 if there is additional internal networks on pix firewall 1 ie 192.168.13.0 and an additional internal network on pix firewall 2 of 10.0.1.0 what additional commands have to be added to the config.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
awaheed Thu, 09/12/2002 - 15:50
User Badges:
  • Cisco Employee,

Hi Corey,


In this case, you just need to add to the existing access-lists attached to the crypto map and so lets say your access-list has the following right now:

access-list 90 permit ip 192.168.12.0 255.255.255.0 10.0.0.0 255.255.255.0


So what you add is the following to this access-list for your situation:

access-list 90 permit ip 192.168.13.0 255.255.255.0 10.0.0.0 255.255.255.0

access-list 90 permit ip 192.168.12.0 255.255.255.0 10.0.1.0 255.255.255.0

access-list 90 permit ip 192.168.13.0 255.255.255.0 10.0.1.0 255.255.255.0


Kindly let me know if this explains it fine,

Regards,

Aamir


-=-=-

Actions

This Discussion