I'd appreciate some assistance with a design question please.
I've been instructed to add a new PIX to a network which will terminate VPN tunnels from partner companies.
There is already an existing PIX in place for Internet access and this is heavily used.
I've installed the VPN PIX in parrallel with the existing Internet PIX - which is the default gateway, due to this it means I need to add and redistribute new routes into my company network to point to the partner LANs across the VPN tunnels.
This is thought to be insecure, can anyone advise me of an alternative please, if I put the PIXs in series then the Internet PIX will become even more overloaded.
I really want to avoid injecting routes to other company networks into my own.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...