Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Configuration to reach "outside" subnet

Hi,

I have a PIX 501 with a VPN configured (pool addresses are 172.1.1.0) which enables communication to the "inside" subnet (10.1.2.0) - this works fine. Now I want to extend that so that users connected to this VPN can also communicate to machines on the "outside" subnet (10.1.1.0) and out to the Internet (via gw 10.1.1.1). Is this possible? Appreciate any help!

2 REPLIES

Re: Configuration to reach "outside" subnet

Hello Dan,

You have to permit the traffic that enterst the interface to exit the same interface, which is accomplished by "same-security-traffic permit intra-interface" command. But unfortunately, this command exists in IOS version 7.2 or greater.

Regards

Community Member

Re: Configuration to reach "outside" subnet

Thanks for the quick answer. I guess there are no work arounds? Guess I'll just have to put the machines I want to access behind the PIX. Thanks again!

120
Views
0
Helpful
2
Replies
CreatePlease to create content