Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Pix Site to Site w/ Remote VPN Clients

I have established a site to site VPN between 2 Pix 506e's. I setup the VPN tunnle using the VPN wizard, and it appears to work properly.

However, I also have users who VPN directly into the PIX via PPTP or a Cisco VPN client. Those users are not able to access resources that are on the other end of the VPN tunnel. It appears as though the map ACL that triggers packets to be sent across the tunnel is not being matched, but I have not been able to figure out how to get this to work properly.

PIX A has a local subnet of 192.168.1.x/24. PIX B has a local subnet of 192.168.2.x/24. Traffic between these 2 subnets flow across the tunnel. However, when someone establishes a VPN into PIX B, they are also put into the 192.168.2.x/24 subnet, but they are unable to access anything in the 192.168.1.x/24 subnet. Is something like this possible? The config from PIX B is attached.

Any help you could offer would be greatly appreciated.



Cisco Employee

Re: Pix Site to Site w/ Remote VPN Clients

This is not possible with Pix and 6.3 version of code.

If you are running 7.0 or higher on the Pix, then, Yes this is possible. Please refer the below URL for configuration details. The feature that you are looking for is called "intra-interface".

Also, 7.0 and higher are not supported on Pix 501, 506 and 520.



** Please rate all helpful posts **

Community Member

Re: Pix Site to Site w/ Remote VPN Clients

route outside 1

what is the ?

Community Member

Re: Pix Site to Site w/ Remote VPN Clients is an older HP 5300 series layer 3 switch.

CreatePlease to create content