Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Spoke Communication between Pix 501's spokes and 3005 Hub

We have deployed Pix 501's to small remote offices. Most receive dynamic IPs from their ISPs, they connect to our 3005 concentrator here in our home office. The Pixes are configured using Easy VPN, and are in network extension mode. Clients sitiing be hind the pix, and the pix can see all resources in the central office. However the romte pixes cannot pass traffic or see each other. We have 6 of these locations.

For our larger facilities we have purchased an AT&T managed solution, they use a 3005 concentrator also here in our office, and their "Netgate Devices" in the remote facilities to terminate the tunnels, all of the spoke sites configured on their concentrator can see each other and the central office resources.

Our pixes are running 6.3, and 6.4, the 3005 in running 4.1. We are using static routes on the home office router...Any ideas...Thanks for any responses...Mike


Re: Spoke Communication between Pix 501's spokes and 3005 Hub

This document describes how to configure LAN-to-LAN sessions between PIX Security Appliances, and also allows for a VPN Client to access the spoke network (PIX3) through the hub (PIX1). In addition, this document demonstrates the configuration for a static LAN-to-LAN tunnel with VPN Client to spoke connectivity through the hub PIX Security Appliance. PIX version 7.0 improves support for spoke-to-spoke VPN communications. PIX 7.0 provides the ability for encrypted traffic to enter and leave the same interface.

Community Member

Re: Spoke Communication between Pix 501's spokes and 3005 Hub

That document does a good job illustrating the VPN Client-to-Spoke Tunnel using the PIX 515, but can this be done using the 3005 Concentrator? I have it working using the PIX 501 spokes with the 3005, but will it work with the VPN Client? How should the 3005 be configured?

CreatePlease to create content