02-11-2007 09:02 AM - edited 02-21-2020 02:51 PM
I use PIX 501 firewall and setup remote VPN aleady. but VPN client cant access intranet servers from outside. I want ask if intranet servers gateway address is not PIX intranet address is work? or all intranet server must need point to PIX intranet interface adddress ? e.g if PIX intranet interface address is 10.10.10.254 my intranet server gateway must 10.10.10.254 right ?
02-15-2007 03:07 PM
The default interface ip address can be PIX interface so that the packets can be forwarded to PIX gateway address.
02-16-2007 05:49 AM
Hi Alex,
There are two ways to achieve this:
1: Either you can point the default gateway for the Intranet servers to be PIX inside interface.
Or
2: You can add a static persistent route on the server for the vpn client pool, pointing to the PIX inside interface. E.G.
Client pool - 192.168.2.0/24
PIX Inside : 10.10.10.254
then add a route on the server as :
route add 192.168.2.0 mask 255.255.255.0 10.10.10.254
HTH,
-Kanishka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide