I have a site-to-site VPN (office A & office B) setup. The VPN tunnel is running fine. What I want to achieve now is to have all the internet traffic pass through the tunnel from office B to A. So office B will be my gateway for all the traffic. So if I am in office A I can internet through office B via the VPN.
Do you have any ideas or configuration examples to do this?
This is possible depending on the topology and the hardware/software of the tunnel endpoints (device A and B). So please let us know what hardware and software is being used for tunnel termination on each end especially on Site A so thata we can suggest you something.
Sorry, not gonna happen with 6. Here is what you would have done if you had 7.
ok, so software 6 will not help me with this, i need to upgrade to software 7 right?
can the 506 series take software 7?
or my other option is to use the vpn client, and do split tunneling? from office A
The PIX 501, PIX 506/506E, and PIX 520 security appliances are not supported in software Version 7.0.
Second part of you question, what do you want to accomplish?
ok, so the only thing that I can do is to configure the remote access vpn on the 506 pix in office B. So the user will be able to internet with the VPN client. Is this possible with the VPN client ver.4.6 ?
You need to configure a regular LAN to LAN tunnel. You will not be able to redirect the internet traffic from a PIX 506 running 6.3.5. However if you have a proxy server behind the PIX B then you will be able to redirect it from the proxy server. Please be informed that it will be the HTTP traffic only in that case. If this is how you wanna go about it then you need to configure destination 'any' in the PIX A's crypto ACL and 'any' as source in the PIX B's crypto ACL.
If you don't have the proxy server, then you need to define specific subnets in the crypto ACL on each end.
Please rate if it helps.