Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX to PIX VPN - Hub and Spoke Requires all traffic to pass through HQ

What is the recommended PIX configuration for the architecture below?

HQ PIX Terminating all PIX VPN Remote sites. There is a requirement that all remote sites use the Internet connection at HQ's for centralized control/filtering. Any suggestions?

1 REPLY
Silver

Re: PIX to PIX VPN - Hub and Spoke Requires all traffic to pass

Put a router on the inside of each PIX and treat the IPsec tunnels as point to point links in a classical routed hub and spokes network. You can use static routes or BGP to do the routing without sacrifing MTU, or you can use GRE tunnels from router to router and using any routing protocol you like.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

85
Views
0
Helpful
1
Replies