02-09-2008 11:36 PM
The corporate site has a PIX 515 and the remote site has a router. I have a tunnel set up from the remote site to the corporate office. I am looking for information on ACLs to apply to the dialer interface to allow IPsec/ISAKMP and all traffic from the corporate office to the remote site. Do you allow the public address of the PIX to access the remote router with IPsec/ISAKMP traffic, and the corporate private network address for POP3/SMTP and UDP?
02-14-2008 12:48 PM
The PIX with the dynamic address will look something like the Tiger config and the other PIX will look something like the Lion config.
02-15-2008 01:26 PM
I have the PPPoE router to PIX tunnel up and running. I am looking for information on adding an ACL to the dialer interface on the router to prevent unwanted traffic from entering the router. I have no problem with the PIX configuration.
02-19-2008 06:50 AM
Yes, you have to add ACLs on the dialer interface on the router.
What you would do is, assuming subnet A is behind the router and subnet B is next to the PIX:
On A you would permit A's local subnet to A's remote, i.e. permit A to B, and on the PIX just the reverse. And no, you don't define the public IP in the interesting traffic.
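An inbound filter for the dialer interface of the kind the original question asks about, added here as an illustration and not taken from any poster's configuration. The addresses (203.0.113.10 for the PIX outside interface, 10.1.0.0/24 for the corporate LAN, 10.2.0.0/24 for the remote LAN), the ACL name DIALER-IN and the interface name Dialer1 are constructed placeholders. It assumes the remote site needs nothing inbound from the Internet except the tunnel.

```cisco
! Constructed example: inbound ACL for the PPPoE dialer interface.
! All addresses and names are placeholders, not values from the thread.
ip access-list extended DIALER-IN
 remark Tunnel negotiation and encrypted payload, from the PIX outside address only
 permit udp host 203.0.113.10 any eq isakmp
 permit esp host 203.0.113.10 any
 remark Only needed if NAT traversal (UDP 4500) is negotiated
 permit udp host 203.0.113.10 any eq non500-isakmp
 remark Decrypted traffic from the corporate LAN to the remote LAN.
 remark Older IOS releases check the interface ACL a second time after
 remark decryption, so the private subnets must be permitted there.
 remark Narrow this to specific services (for example smtp, pop3) if
 remark the policy allows it.
 permit ip 10.1.0.0 0.0.0.255 10.2.0.0 0.0.0.255
 remark Log everything else that reaches the dialer
 deny ip any any log
!
interface Dialer1
 ip access-group DIALER-IN in
```

If the remote site also sends ordinary Internet traffic out of the dialer, the final deny will drop the replies unless stateful inspection or explicit return permits are added. Hit counters from `show ip access-lists DIALER-IN` show which entries are matching.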