I have 3 pix 506 firewall to configure for 3 sites mesh topology. All the PIXes are sat behind the firewalls with NAT enable. each site have their own firewall. There are Sites A, B, and C. Site A is using Netscreen firewall with NAT, Site B is using Checkpoint with NAT, and Site C is using Linux IPTables firewall with NAT. All the PIXes 506 will site behind (inside) firewall, Is this possible? If yes, Do you have a sample for this configuration.
Yes it is possible. The conf is as simple as full mesh VPN topology. The diferrence is that your need to use STATIC TRANSLATION on each firewall and an access-list for incoming traffic (ESP, udp/500 and udp/4500).
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...