03-21-2002 01:55 AM - edited 02-21-2020 11:39 AM
I have web server https enable in dmz of Pix. The inside of the PIX is connected to the Lan of the Main site.
I have ipsec running between the Main site and branches. This tunnel is terminated on 7200 in Main site and 2600 in branches.
The remote sites are able to access the https pages in Web server if the IPsec tunnel beteeen the Main site and the remote site turned off..Once the ipsec is activated it doesnt work ...any good reason for this...
03-29-2002 06:47 AM
Im guessing its an MTU issue. You can try tweaking that. What version PIX code are you running? Anyone else experience this?
03-29-2002 01:39 PM
If the IPSEC traffic is dumped into your corporate network behind the FW then your HTTPS Traffic is now accessing the proxy sourcing not from the outside int of the pix but the inside you may have to change your rulesets on the fw to account for this. (don't forget your requests are no longer NATTED because if it was tunnelled, the request was passed through the rtr's bypass NAT route map) If you have Split tunneling configured on your VPN just make sure that the DS address of the HTTPS server does not get tunneled and you should be working fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide