cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
345
Views
0
Helpful
1
Replies

PIX506 site to site VPN

cheeang69
Level 1
Level 1

Hi

I have 3 pix 506 firewall to configure for 3 sites mesh topology. All the PIXes are sat behind the firewalls with NAT enable. each site have their own firewall. There are Sites A, B, and C. Site A is using Netscreen firewall with NAT, Site B is using Checkpoint with NAT, and Site C is using Linux IPTables firewall with NAT. All the PIXes 506 will site behind (inside) firewall, Is this possible? If yes, Do you have a sample for this configuration.

Many thanks

1 Reply 1

obacati21
Level 1
Level 1

Hi,

Yes it is possible. The conf is as simple as full mesh VPN topology. The diferrence is that your need to use STATIC TRANSLATION on each firewall and an access-list for incoming traffic (ESP, udp/500 and udp/4500).

REgards

OB1

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: