Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN client access a spoke site-to-site VPN pix

Scenario:

Main office - Pix 501 - 192.168.1.0 network

remote site - Pix501 - 192.168.2.0 network

remote access VPN 192.168.3.0 network

I can VPN into the main office and access resources, no prob

Once VPNed into the main office I cannot get to the remote site computers.

Question? How do I access the remote site via the main office VPN client connection?

2 REPLIES
New Member

Re: VPN client access a spoke site-to-site VPN pix

Hi

I think that with your current setup - you ain't gona be able to do it.

The two outlying networks will not be able to communicate with each other by going through a PIX because the PIX will not route traffic received on one interface back out the same interface. If there is a need for the outlying networks to communicate with each other, one would need a fully meshed configuration, instead of the hub and spoke configuration

ie yu need a concentrator that supports reverse routing somewhere in your design.

cheers

Steve

New Member

Re: VPN client access a spoke site-to-site VPN pix

Thanks, Steve. Based on what you said I think I will try to do a remote access VPN connection to the remote site. I can't see any reason why that won't work. I'll let you know how it goes. Perhaps this is something that Cisco can implement in future release of the software.

168
Views
0
Helpful
2
Replies