
NAT DESIGN small ISSUE

r.kate
Level 1

Hi,

I have a PIX 515 and I have managed to set up a VPN with Win2k over L2TP and IPsec. My inside network, say, has the IP range of 10.200.1.x, and the addresses given to VPN clients are 10.200.25.xx. How can I allow the 10.208.25.xx clients to get access to the Internet as if they were sitting in the office and working through the secure tunnel established?

Thanks

Raj

2 Replies

kagodfrey
Level 3

Hi

AFAIK the PIX only has a rudimentary routing capability, and does not allow the routing of a packet out of the same interface that it came in on. For this reason, you would also be unable to, say, contact the network on the other side of a PIX-PIX VPN tunnel when you VPN into one of those two PIXes.

You could get around this if you have a proxy server on your internal network you can point your remote browsers at.

mklaphek
Level 1

I don't think that this is quite what you're asking, but another option is to use a split-tunnel for this connection. This would allow you to have users connect to the inside and still surf the Internet.
