Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can a VPN client go out same interface on Pix 515

A user VPN's into a Pix and gets a x.x.x.x address via an ippool on the Pix. Once done, they will need to access information that is on the public network. Can this be done since they will go out the same interface?

I can open ports and route subnets on our core routers, but that does not seem to work.

Thanks

Dwane

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Can a VPN client go out same interface on Pix 515

Hi Dwane

You can achieve this by entering the following command

same-security-traffic permit intra-interface

Regards

3 REPLIES

Re: Can a VPN client go out same interface on Pix 515

Hi Dwane

You can achieve this by entering the following command

same-security-traffic permit intra-interface

Regards

New Member

Re: Can a VPN client go out same interface on Pix 515

I believe it's called hairpinning and you can only do that on 7.x and above using the same-security feature.

Cisco Employee

Re: Can a VPN client go out same interface on Pix 515

Yes, this is possible but depends upon what code you are running on the pix. Please refer the below URL that explains the configurations that you are looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml

Regards,

Arul

** Please rate helpful posts **

137
Views
0
Helpful
3
Replies
CreatePlease to create content