Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

pix vpn question ip local pool

Hi,

I'm configuring cisco pix 520 to work with vpn client 3000. My question is when you specify the ip local pool address, must they be in the same subnet as the inside network?

example:

ip address outside 192.168.0.1 255.255.255.0

ip address inside 192.168.1.1 255.255.255.0

nat (inside) 1 0.0.0.0 0.0.0.0

nat (inside) 0 access-list 80

global (outside) 1 192.168.0.2-192.168.0.5 netmask 255.255.255.0

access-list 80 permit ip 192.168.0.0 255.255.255.0 192.168.1.0 255.255.255.0

ip local pool dealer 192.168.1.4-192.168.1.10 (question: must these be with in the same subnet or can I use a different ip address scheme, and still be able to connect to inside host in the 192.168.1 subnet?)

thanks,

aztecmother

1 REPLY
New Member

Re: pix vpn question ip local pool

Tested this before. It is possible to use another segment for pool IP addresses different with PIX`s internal interface IP address. If you have another internal routers, create a route to this pool IP segment, pointing to the PIX. Because PIX doesn`t do Proxy ARP on behalf of this pool IP.

Regards.

307
Views
0
Helpful
1
Replies
CreatePlease to create content