Cisco Support Community
b.s
New Member

IPSEC tunnel traffic

Is it possible to configure the following:

networkA(watchguard firewall) --ipsec-->networkB(pix)--ipsec-->networkC(pix)

where connection attempts from networkA to networkC are translated to networkB addresses first so that connections are transparent to networkC?

need to connect networkA to networkC through networkB. no changes can be made to networkC.

currently traffic from networkA to networkC results in: 402103: identity doesn't match negotiated identity on networkB pix.

for ex: using http://www.cisco.com/warp/customer/110/pixhubspoke-01.gif , how to make traffic go from pix2 to pix3 through pixCentral.

thanks

1 REPLY
Silver

Re: IPSEC tunnel traffic

The setup shown in figure 01.gif won't work simply because traffic received by the PIX on an interface is not sent out over the same. If however you place PIX 2 and PIX 3 on different interfaces on PIX central... the issue boils down to passing encrypted traffic through the PIX. For that see the doc Configuring an IPSec Tunnel through a Firewall with NAT at http://www.cisco.com/en/US/tech/tk648/tk367/technologies_configuration_example09186a008009486e.shtml.
