Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
563
Views
0
Helpful
2
Replies

PIX1 -> PIX2 -> PIX3 - PIX1 cant see PIX3 internal network..

tekati
Level 1
Level 1

‎11-25-2007 09:56 PM - edited ‎03-11-2019 04:35 AM

I have 3 PIX 515E running 7.2(3)

PIX1 can see PIX2 inside networks

PIX2 can see PIX1 and PIX3 inside networks

PIX3 can see PIX2 inside networks

PIX1 192.168.2.0/24

PIX2 192.168.104.0/24

PIX3 134.71.123.112/28

(I was not here for this numbering)

All running IPSec VPN between them. My guess is once this is figured out I should be able to figure out how to also connect Cisco VPN 3 clients to PIX2 to see all networks if not able to connect Cisco VPN 3 clients to PIX1 and PIX3 and see all networks as well.

Labels:
0 Helpful
2 Replies 2

jpl861
Level 4
Level 4

‎11-26-2007 01:57 AM

Do you have a network diagram for this one?

-John

0 Helpful

timkaye
Level 1
Level 1

‎11-26-2007 07:56 PM

Hello.

You should be able to quite easily add IPSEC client functionality to each of the PIX's.

As long as each PIX has its NAT 0 rules and ACL's for crypto updated to reflect connectivity for each other subnet.

You wll need to aplply the global command.

same-security-traffic permit intra-interface to allow traffic to "hairpin" or enter and exit the same interface.

You need to make these changes on each firewall.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card