Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
233
Views
0
Helpful
2
Replies

two pix506 firewall boxes????

snaismith
Level 1
Level 1

‎09-02-2002 03:59 AM - edited ‎03-09-2019 12:08 AM

Ok here's the question.

Our canadian counterparts are responsible for our vpn. We previously used (are still using) a gauntlet firewall.

however the new solution thats been sent over involves two pix506 boxes, one for the inside and one for the outside.

it doesnt work

I dont think there should be two boxes, there should be the one pix506 with a line to our internal network and a line to our router which contains the routing tables for our VPN etc.

Does this sound right or are the two boxes necessary?

any help is appreciated.

cheers

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎09-02-2002 10:41 PM

You can put two PIX at one site and have your DMZ in the middle of the two, some peole do this although it's not entirely necessary (although definately more secure if set up right).

To get your VPN working though, all you really need is one 506 at each site with the VPN configuration on them, the inside interface connects to your inside network/router, and your outside interface connects to your outside router/DSL/cable modem.

0 Helpful

pgolding
Level 1
Level 1

‎09-02-2002 11:19 PM

you could use two pixes, but you could do the job with one. one 506 could act as firewall and terminate the vpn clients also.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents