resolve this......

shabib.syed · ‎03-19-2002

I have this issue I am working on. I called cisco tech and they said it is not possible and there is no work around. Still I want to ask the experts out there.

here is my scennario...

I have a PIX 515( headquater) - VPN tunnel another PIX 506 ( remote)

I have VPN clients terminating on the PIX 515. The VPN clients who are terminating on the PIX 515 can access the machines at my headquater lan with no problems. These VPN clients want to access the machines which are on the remote LAN ( PIX 506). Is there a way they can terminate on the PIX 515 which they do and then use the tunnel from PIX 515 to PIX 506 and connect to the machines there.?

Thanks

Shabib

anavarro · ‎03-19-2002

Not with your current setup. That would require routing functionality which the pix can not do. If you terminate the clients inside your network on a router then it will be possible.

That's the setup I have.

JOSH GANT · ‎03-20-2002

The PIX does not redirect traffic. If the packets come in the outside interface, the PIX cannot send them back out. You would need another interface, or terminate the client tunnels on a different device behind the PIX.

shabib.syed · ‎03-22-2002

Thanks for the feedback guyz......I really appreciate that...I have a cisco 2514, which i can use to termintate my VPN clients. VPN 3.0 and higher clients are not yet supported on cisco 2514. so I have to wait for that 12.2 8(T) to be released for cisco 2514

Thanks

7pautore · ‎04-26-2002

Cisco concentrators are the only ones that can do a hairspin like the one that you are refering to.