We are planning to replace our current frame-relay network with a VPN in the next 60 days. Although I think I know the direction we should take, it always helps to get a second opinion.
We have three offices each having a 2620 connecting it to the frame. The main office also has a shared Internet connection for all three locations. This Internet connection uses a 2620 connected to a PIX 520 connected to our LAN.
I would like to purchase two additional PIX-520's for the remote offices. We are going to replace our current 2620's with three 2621 VOIP enabled routers from AT&T Managed Internet Services. I will not be able to gain access to the programming on these routers as AT&T manages them remotely. All of the VPN programming must take place on the PIX's.
I have found the following sample programming on the Cisco website that I think will work for our new setup.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...