Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX & Secondary IP address to inside interfaces

Hi,

I caught up in problem , i terminated VPN on PIX between 3 sites , one of the sites is having 4 different internal network of which 3 behind routers , users from different VPN sites need to access this networks .... how shall i add the routes

vpn betweeen 10.0.0.11, 10.50.0.11,10.60.0.11 is working fine , but 10.0.0.11 is having another 3 networks after an router

router ip 10.0.0.109 ,

different networks behind routers are 10.10.0.0

10.110.0.0

10.100.0.0

how many routes i need to add , in which pix .... need help ############# TOP URGENT##############

thanks in advance

3 REPLIES
New Member

Re: PIX & Secondary IP address to inside interfaces

If on the VPN router you have a default route, then you do not need to add any routes on that. Just make sure that the access-list used in crypto maps, cover all the source and destination addresses.

In the PIX that has the firewall on its back you will need to add the routes that are behind the network. A "ping" test is the best way to see if everything works fine. Again incluse a mirrored access-list with source the 4 networks and destination the central VPN office.

New Member

Re: PIX & Secondary IP address to inside interfaces

i have

nat (inside) 1 0 0 for internet traffic

nat (inside) 0 access-list 101 for VPN traffic

this will help me or not ..

static (inside,outside) 10.10.0.0 10.10.0.0

access-list 101 permit ip 10.10.0.0/16 10.50.0.0/16

here 10.10.0.0 is network behind router of site A

where as 10.50.0.0 is remote site from where users want to access the 10.10.0.0 network .. am planning to deploy this and will let you know if this works & please get back to me if you have any alternative ...

thanks

New Member

Re: PIX & Secondary IP address to inside interfaces

above is not working .................need urgent help thanks

228
Views
0
Helpful
3
Replies