04-27-2008 04:55 AM - edited 03-11-2019 05:37 AM
I have the following connectivity.
PIX A, PIX B and PIX C is connected to internet. There is a VPN tunnel from PIX A to PIX B and another tunnel from PIX B to PIX C. VPN tunnels are configured and from A-PIX network I can access B-PIX local network. Is it possible to send all traffic to B-PIX. I mean if any user from A-PIX like to browse internet there all traffic will go through to B-PIX. Beside this is it also possible to share the tunnel created in B-PIX. I mean can I access C-PIX network from A-PIX via B-PIX without configuring anything in A-PIX.
Solved! Go to Solution.
04-27-2008 05:58 AM
Configure "same-security-traffic permit intra-interface" on PIX B to allow the incoming VPN traffic from PIX A to use the same outside interface on PIX B for internet access.
You can also access PIX C network via PIX B. Include the network of PIX A in the crypto access-list configured at PIX B and also include the network of PIX A in the crypto access-list of PIX C. Then they can talk with each other. This is nothing but a sort of spoke-to-spoke communication with PIX B as a HUB.
04-27-2008 05:58 AM
Configure "same-security-traffic permit intra-interface" on PIX B to allow the incoming VPN traffic from PIX A to use the same outside interface on PIX B for internet access.
You can also access PIX C network via PIX B. Include the network of PIX A in the crypto access-list configured at PIX B and also include the network of PIX A in the crypto access-list of PIX C. Then they can talk with each other. This is nothing but a sort of spoke-to-spoke communication with PIX B as a HUB.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: