I would like to know if this configuration is possible:
I have 2 devices at the entrance of the internet: the 1st is a PIX Firewall and the other is a VPN Concentrator 3000. EZ VPN clients connect to the VPN concentrator. I would like to have traffic destined for the internet coming from the VPN clients go through the VPN, the internal network, then out through the PIX firewall so I can manage the internet traffic of my EZ VPN clients.
So, in short, I would like to set the default gateway of the tunneled traffic coming from the Client to the inside interface of my pix.
Sure, a lot of customers do this. Set the Tunnel Default Gateway on the concentrator to be the PIX's inside IP address. Then on the PIX add a route for the VPN pool of addresses pointing to the private interface of the 3000 (this is for the return traffic from the Internet). Also make sure the VPN pool of addresses is included in the nat commands on the PIX so that they'll be able to go out through it.
That should be all you need to do. This assumes of course that the two devices are connected in parallel. If the 3000 is connected to the DMZ of the PIX say, then the similar config stands but point the TDG to the DMZ address of the PIX obviously, and add a "nat (dmz) 1 " command into the PIX. You get the idea.
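The parallel-connected setup described in the reply above, written out as a PIX configuration fragment. This is an added example, not part of the original reply; all addresses are constructed placeholders, and the `global` line assumes the PIX translates outbound traffic to its outside interface address.

```cisco
: Constructed addresses (assumptions, not from the thread):
:   PIX inside interface          192.168.1.1
:   VPN 3000 private interface    192.168.1.5
:   VPN client address pool       10.10.10.0 255.255.255.0
:
: On the VPN 3000 (set in its management interface, not on the PIX):
:   Tunnel Default Gateway = 192.168.1.1
:
: Return route: replies from the Internet for the VPN pool are
: sent back to the concentrator's private interface.
route inside 10.10.10.0 255.255.255.0 192.168.1.5 1
:
: Include the VPN pool in NAT so tunneled clients can go out.
: nat id 1 needs a matching "global" with the same id.
nat (inside) 1 10.10.10.0 255.255.255.0
global (outside) 1 interface
```

After a client connects and browses, `show route` on the PIX should list the pool route and `show xlate` should show translations for pool addresses.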