Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
472
Views
0
Helpful
1
Replies

Internet Access through IPSec

Lavanholy
Level 1
Level 1

‎07-19-2008 02:55 AM - edited ‎02-21-2020 03:50 PM

Hi,

I would like to give a following solution to my customer,Please verify my solution,

1. Site A Head Office with PIX 525 connected to Site A ISP.

2. Site is having PROXY SERVER with the port number 3128.

3. Site B Branch office with PIX 515E connected to Site B ISP.

Requirement :

1. IPSec tineel should be established between SIte A and Site B.

2.Then the site B local users should not access the internet directly through Site B ISP,instead the internet traffic has to flow through the IPSesc tunnel to Site A PROXY server and access the Internet.(All Site B node IE are configure with the PROXY settings).

Is it possible,this will help the customer to watch the internet users centrally.

My Views:

1. I will configure both sites Firewall for IPSec (both IPSec and ISAKMP parameters,with NAT0 and ACL)

2. At the site B I will not configure the NAT 1(Inside) and Global 1 (outside),in that case no local node can access the internet.

Is it correct.

Please help me.

Thanks and Regards,

S.Venkataraman.

Labels:
0 Helpful
1 Reply 1

a.alekseev
Level 7
Level 7

‎07-19-2008 05:36 AM

it is correct.

At the site B I can configure the NAT 1(Inside) and Global 1 (outside)

and apply ACL to inside interface that permits only traffic between SIte B and Site A

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents