cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1032
Views
0
Helpful
2
Replies

PIX 515 and multiple VPN: to client and DMZ - possible???

sbiring
Level 1
Level 1

We are planning to implement a PIX 515, creating a VPN to a client site (with a 1722 router on the client end). We will also be using an ethernet interface on the PIX to connect a DMZ. My question is:

can we also implement a VPN between internal machines (static NAT) and the DMZ at the same time as having the VPN to the client site? We are not planning on initially getting any sort of hardware acceleration card.

Your input is greatly appreciated!

2 Replies 2

s-doyle
Level 3
Level 3

You shouldn’t have any problems doing that….Current PIX code allows you to terminate your VPN tunnel on any interface. I think this design will work fine.

iagosto
Level 1
Level 1

what you should do is consider upgrading the 1722 to a 2600 router and do ip tunneling and this way you don't really add any overhead then you can do IPsec tunneling to the customer site and add routes to a specific destination on your network and the traffic is not all over your network.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: