Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
211
Views
0
Helpful
1
Replies

PIX520 v6.2 site-site with vpn3002

chris.dickson
Level 1
Level 1

‎09-09-2002 10:37 AM - edited ‎03-09-2019 12:13 AM

Trying to run vpn3002 in network extension mode. tunnel initiates but ip traffic does not seem to return. I have tried several static routes on the PIX. What is the correct static route for the private network on the vpn3002? Network works if PAT is enabled.

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎09-15-2002 04:54 PM

The static route on the PIX will point to teh remote network and the gateway will be the PIX's default gateway on the outside interface (assuming the VPN is terminating on the outside interface that is). Similar to the default route actually, in fact if you have a default route in the PIX, and you don't have another route for the remote network or some part thereof pointing inside, then you shouldn't need a route on the PIX itself.

What you probably need is a route on your internal network pointing to the PIX inside interface. Your inside network hosts need to know how to get to the remote network, so make sure their default gateway is the PIX or they have a specific route for the remote network pointing to the PIX.

0 Helpful
Customers Also Viewed These Support Documents