PIX 525 and VPN

mike-t · ‎02-19-2002

I have two PIX 525 with DMZ's. I have a VPN tunnel created between the two. The users on the inside network at site A have to get to a server on the DMZ at site B. I currently have site A accessing the DMZ server at site B by its Internet address.

Is there a way to allow site A users to access site B DMZ server via the tunnel?

r-simpson · ‎02-26-2002

Not with PIX’s alone. You’ll need and inside router at both sites to route between the two networks across the tunnel.

mike-t · ‎02-27-2002

Hi, yes that configuration is already in place. And the routing is setup. We use the Tunnel for inside network to inside network communications.

My question is, though, I cannot get to their DMZ.

There are routes from my LAN (lan A) to the other LAN (lan B) to the PIX's. This works. However, I cannot get to the DMZ interface on firewall in LAN B

How do i configure my pix/routers to get to the DMZ on firewall B?

r-simpson · ‎02-27-2002

Hi there,

From what you describe, it sounds like you have a workable topology. Probably just need some config assistance from the TAC.