A 3rd party wishes to place their IPSec VPN box on my PIX515R DMZ interface instead of configuring a firewall to PIX tunnel or even a VPN client connection. I have public IP space available for the purpose. What issues do you see with this if any other than it's reinventing the wheel and allowing them to sell their box?
the 3rd party company probably have a VPN device at their site that is form the same vendor as the VPN device their are trying to put in your DMZ.
They probably also have a lot more of those VPN devices at ohter sites. From configuration and management point of view, it's a lot easier for them to have their own device from same vendor at each site. That way they are not dependent of the VPN device (your pix in this case) at the other site.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...