Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Emails through PIX VPN

I want to set up a VPN between two sites using a PIX to PIX vpn tunnel. An Exchange 5.5 server with some Outlook clients sits in site 1 and Outlook clients only sit in site 2. What would be the best way of setting this up so that the clients in site 2 can access mails sent to them by clients in site 1?

TIA

6 REPLIES
Gold

Re: Emails through PIX VPN

Gary,

Here is a very good document on PIX site-to-site configuration using IPSec.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml

Hope this helps,

Jay

Community Member

Re: Emails through PIX VPN

Cheers Jay, looks like the deal. Presumably I would just permit SMTP traffic between the real server IP and the real client(s) IP in the interesting traffic ACLs on each PIX?

Silver

Re: Emails through PIX VPN

a point to point ipsec tunnel will effectively act like a direct physical link between the two sites. You just need to treat the remote office like any other new subnet. WIll you have any servers at the remote site? If you do, make one a wins and dns server, and configure replication between it and the wins and dns server at the main office with the exchange server. That should take care of all name resolution issues.

Having a domain controller at the remote office is also a best practice

Community Member

Re: Emails through PIX VPN

The 2 sites will use different IP network classes. Will this cause a problem with routing between them?

Unfortunately the remote site just has a couple of PC's, no servers. I suppose the remote client will have to authenticate on the main domain to access exchange? What would you suggest?

Gold

Re: Emails through PIX VPN

Gary,

No you'll not have any problems with having 2 different IP address/network. The remote site can authenticate to the primary domain via the VPN tunnel.

Hope this helps,

Jay

Community Member

Re: Emails through PIX VPN

Cheers Jay, thought that probably would be the case - set up somehing similar a while ago. I suppose the PIXs act as a simple router as they are connected to different subnets? Would you know what nasty ports I would have to add to the interesting ACL to get the clients logged onto the domain.

95
Views
0
Helpful
6
Replies
CreatePlease to create content