Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Allowing traffic from one vpn to another on Pix515

Hi all,

Here is my situation. I have several vpn clients(mobile) that connect from hotel locations and such. I also have a permanent vpn tunnel on the same interface(outside) to a remote location. I have been told by Cisco that the Pix cannot route packets and that it is impossible for one of the mobile vpn clients to communicate with the permanent vpn because they are located on the same interface. I have a free interface on the pix presently, so I figured that I would configure my mobile vpn clients to use that interface instead to connect to my main site and they would then be able to also communicate with my permanent vpn tunnel. In PDM I configured this new interface with an appropriate external ip. I added the proper TUNNEL POLICY under IPSEC. I enabled the interface under IKE policies and XAuth/Mode Config. I changed the client .PCF to use the new Ip on the new Interface.

My Problem: Client times out with a peer error, and since I have made the modifications, my internal mail is now unable to send to outside. What an I doing wrong?

Thanks.

Martin

1 REPLY
Gold

Re: Allowing traffic from one vpn to another on Pix515

116
Views
0
Helpful
1
Replies
CreatePlease to create content