Hi.
I have a Pix 501 that establish a tunnel with a VPN 3000 Concentrator. I need that people who works in the network of Pix can access to Corporate applications through the tunnel, but also they need navigate through an external firewall, and not use the tunnel for their access to internet. How can I get this?
I think that is a route problem
The tunnel works fine. So I only trancript the other part of the configuration.
access-list 102 permit ip 192.168.1.0 255.255.255.0 172.11.0.0 255.255.0.0
ip address outside 213.227.15.34 255.255.255.240
ip address inside 192.168.1.1 255.255.255.0
nat (inside) 0 access-list 102
------this is the ip address of the external firewall--------
route inside 0.0.0.0 0.0.0.0 192.168.1.3 1
-------------------------------------------------------------
route outside 172.11.0.0 255.255.0.0 213.227.15.33 1
---this is the IP of the router of the Internet service provider ---
sysopt connection permit-ipsec
Thanks in advance