Cisco Support Community
idi
New Member

PIX&VPN + many subnets

I have a VPN between the inside_interfaces of 2 PIXes. But it doesn't work for workstations and servers that are "far" from the PIX, behind some routers. Is it possible to use VPN in such situations, please? I'm a security officer and cannot configure routers.

1 REPLY
Cisco Employee

Re: PIX&VPN + many subnets

The PIX will only encrypt traffic that you tell it to, so if you have a bunch of subnets on either side, then you have to add all those source/destination pairs into your crypto ACLs on both PIXes (make sure the ACLs are always the exact opposite of each other).

You may also need a route in the PIX to tell it how to get to both the local and the remote networks. Your distant networks also need a route to get to the remote networks (other side of the VPN) that points to the local PIX interface.
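The mirror-image requirement for the crypto ACLs described in the reply can be checked mechanically. The following is an added example, not part of the original thread: it parses `access-list ... permit ip` lines from both PIX configurations and reports source/destination pairs that have no opposite entry on the peer. The ACL number 101 and all addresses are constructed sample values.

```python
import ipaddress

# Constructed sample crypto ACLs (addresses are made up for illustration).
PIX_A = """\
access-list 101 permit ip 10.1.1.0 255.255.255.0 10.2.1.0 255.255.255.0
access-list 101 permit ip 10.1.2.0 255.255.255.0 10.2.1.0 255.255.255.0
access-list 101 permit ip 10.1.3.0 255.255.255.0 10.2.1.0 255.255.255.0
"""
PIX_B = """\
access-list 101 permit ip 10.2.1.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list 101 permit ip 10.2.1.0 255.255.255.0 10.1.2.0 255.255.255.0
"""

def _take_net(tokens):
    """Consume one address spec: 'any', 'host A', or 'NET MASK'."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")

def parse_crypto_acl(config, acl_id):
    """Return the set of (source, destination) networks permitted by acl_id."""
    pairs = set()
    for line in config.splitlines():
        tokens = line.split()
        if tokens[:4] != ["access-list", acl_id, "permit", "ip"]:
            continue
        rest = tokens[4:]
        src = _take_net(rest)
        dst = _take_net(rest)
        pairs.add((src, dst))
    return pairs

def mirror_mismatches(local_cfg, remote_cfg, local_id="101", remote_id="101"):
    """Compare local ACL with swapped remote ACL; return what each side lacks."""
    local = parse_crypto_acl(local_cfg, local_id)
    remote_swapped = {(d, s) for s, d in parse_crypto_acl(remote_cfg, remote_id)}
    return sorted(local - remote_swapped), sorted(remote_swapped - local)

if __name__ == "__main__":
    only_local, only_remote = mirror_mismatches(PIX_A, PIX_B)
    for src, dst in only_local:
        print(f"PIX B is missing the mirror entry: permit ip {dst} -> {src}")
    for src, dst in only_remote:
        print(f"PIX A is missing the mirror entry: permit ip {src} -> {dst}")
```

With the sample input, the 10.1.3.0/24 subnet behind PIX A has no matching entry on PIX B, which is the kind of gap that leaves a "far" subnet outside the tunnel.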
