08-26-2003 02:52 AM - edited 02-21-2020 12:44 PM
Hi all,
I make a VPN from a client to a PIX 525 with 3 interfaces (3 LAN: 192.168.1.0, 192.168.2.0, 192.168.3.0) from LAN 192.168.1.0 and receive an address 10.1.1.x from pool: how can I access in secure mode to 192.168.2.0 and 192.168.3.0, and be able to browsing local lan?
nat(dmz1) 0 access-list 102
nat(dmz2) 0 access-list 103
access-list 102 permit ip 192.168.2.0/24 10.1.1.0/24
access-list 103 permit ip 192.168.3.0/24 10.1.1.0/24
but not is possible to define 2 different vpngroup split tunnel:
vpngroup VPNTEST split-tunnel 102
vpngroup VPNTEST split-tunnel 103
Any suggest?
Thanks
Lorenzo
08-26-2003 04:54 AM
access-list 104 permit ip 192.168.2.0/24 10.1.1.0/24
access-list 104 permit ip 192.168.3.0/24 10.1.1.0/24
vpngroup VPNTEST split-tunel 104
should do the trick.
08-28-2003 04:53 AM
Simple and genial!
Thanks
Lorenzo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide