Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PIX506 site to site VPN

Hi

I have 3 pix 506 firewall to configure for 3 sites mesh topology. All the PIXes are sat behind the firewalls with NAT enable. each site have their own firewall. There are Sites A, B, and C. Site A is using Netscreen firewall with NAT, Site B is using Checkpoint with NAT, and Site C is using Linux IPTables firewall with NAT. All the PIXes 506 will site behind (inside) firewall, Is this possible? If yes, Do you have a sample for this configuration.

Many thanks

1 REPLY
Community Member

Re: PIX506 site to site VPN

Hi,

Yes it is possible. The conf is as simple as full mesh VPN topology. The diferrence is that your need to use STATIC TRANSLATION on each firewall and an access-list for incoming traffic (ESP, udp/500 and udp/4500).

REgards

OB1

109
Views
0
Helpful
1
Replies
CreatePlease to create content