Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ipsec and pptp

We have requirement to provide remote access via both dial and broadband to a secure network inside our business network. This network, SCADA, is separated from the business network by a PIX506. Business users access the SCADA network often using the Cisco VPN Client over IPSEC. We have a CISCO 3000 Concentrator that terminates remote access sessions. Is there any way to terminate those remote access sessions and then open another encrypted session to the SCADA PIX? I had originally thought to terminate the remote session on the vpn3000 using pptp and then allowing the user to open an ipsec session to the SCADA pix. This doesn't seem to work. Is there another strategy or workaround that will provide the solution? Thanks.


Re: ipsec and pptp


Do all users who need remote access to SCADA already have access to the 3000 vpn? Or are there people who need scada access, but should/must not have access to resources allowed if they had rights to access the 3000 vpn?

Do people need to access resources from both scada and corp. concurrently, or is it viable to tell them, "its one or the other, bucko"?

New Member

Re: ipsec and pptp

Thanks for the quick response.

All users have access to corp. SCADA users have access to both. All have remote access to the vpn3000 which is outside the SCADA nets but inside the corporate net. As a company policy we do not allow simultaneous access. The SCADA nets provide access to the water control systems so are considered highly secure networks. All connections to them through the pix's are via ipsec.

Yes, it IS one or the other bucko!

CreatePlease login to create content