
IPSEC tunnel traffic

b.s
Level 1

Is it possible to configure the following:

networkA(watchguard firewall) --ipsec-->networkB(pix)--ipsec-->networkC(pix)

where connection attempts from networkA to networkC are translated to networkB addresses first so that connections are transparent to networkC?

need to connect networkA to networkC through networkB. no changes can be made to networkC.

currently traffic from networkA to networkC results in: 402103: identity doesn't match negotiated identity on networkB pix.

for ex: using http://www.cisco.com/warp/customer/110/pixhubspoke-01.gif, how to make traffic go from pix2 to pix3 through pixCentral.

thanks

1 Reply

mchin345
Level 6

The setup shown in figure 01.gif won't work simply because traffic received by the PIX on an interface is not sent out over the same. If however you place PIX 2 and PIX 3 on different interfaces on PIX central... the issue boils down to passing encrypted traffic through the PIX. For that see the doc Configuring an IPSec Tunnel through a Firewall with NAT at http://www.cisco.com/en/US/tech/tk648/tk367/technologies_configuration_example09186a008009486e.shtml.
