11-21-2003 04:41 AM - edited 02-21-2020 12:53 PM
I have a PIX which has a route to 10.0.0.0 255.255.255.0 X.X.X.X (where X.X.X.X is an internal router).
Now I want to route 10.200.0.0 through the VPN. Can I accomplish that by just adding one more access list to the already existing VPN tunnel to that peer, or do I need to change the routing somehow?
Thanks in advance
11-21-2003 05:01 AM
Yes, permit access to 10.200.0.0 255.255.0.0 for the VPN-tunnel-to-peer-pix acl, and also add it to whatever acl you are using for nat0. Make sure that the devices on the 10.200.0.0 network know the way back.
HTH
11-21-2003 05:49 AM
I did this. It works if I delete the route. But I want some way to keep the route but override it for the 10.200.0.0 255.255.255.0 network. Is it possible?
11-21-2003 05:58 AM
Strange, I would have thought that it would have worked despite the other route, as it has the longer match... What does the PIX show in its routing table?
11-21-2003 07:02 AM
It shows the route to the router. But I solved this case by deleting the route and letting the hosts use the router as the default gw. But it would be fun to know if it's possible to do it like I described.