Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Remote VPN

Greetings all,

Site A is connected to Site B via a IPSEC VPN tunnel. Now I also have remote users using a VPN client connecting to site A. Is it possible to configure the PIX in site A so that when a remote user connects to site A the user will also have connectivity to site B (via the IPSEC tunnel)?

6 REPLIES
Cisco Employee

Re: Remote VPN

Yes, this should be possible using the concept "Hairpinning or U-turn". The exact command is "same-security-traffic permit intra-interface".

Please refer the below URL for details:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml

Regards,

Arul

** Please rate all helpful posts **

Green

Re: Remote VPN

Adding to what Arul posted, you will also need to add the additional traffic to your crypto acl's on both pixes and also the nat exemption acl on pix b. Also, you didn't mention what version pix you use, if version 6, the above does not apply.

Community Member

Re: Remote VPN

Sorry i did not at the PIX os ver the first time.

The pix is running on 6.3

with that said, is it still possible?

Green

Re: Remote VPN

No, it's not possible with what has been mentioned here. You can not hairpin in pix 6.x.

Cisco Employee

Re: Remote VPN

Nope, Not possible with 6.3.

Regards,

Arul

** Please rate all helpful posts **

Community Member

Re: Remote VPN

Do you know if you can give my inbound VPN clients access to the Internet after they are connected to my PIX running IOS 7.0 or 8.0? My users would me making inbound PPTP vpn connections from their random computers, not using the Cisco VPN client. I want them to have Internet access as well as access to our corporate network.

Thanks

157
Views
6
Helpful
6
Replies
CreatePlease to create content