Cisco Support Community
New Member

PtoP tunnel on DMZ

Hi, can I terminate my PtoP IPsec tunnels on the DMZ interface in a PIX with ver 7.0?

PIX does not allow redirection or traffic through the same interface; is it possible if I use VLANs?


Re: PtoP tunnel on DMZ

You mentioned "to terminate lan-lan vpn on dmz interface". Just wondering if you are referring to terminating the tunnel on the outside and only allowing access to the DMZ; or terminating the tunnel on the DMZ interface via the outside interface; or terminating the tunnel directly on the DMZ interface, as the DMZ is connected to the Internet directly.

Secondly, PIX v7 does re-route IPsec traffic on the same interface.

It would be great if more details were provided, so that we can put in some valuable input.

New Member

Re: PtoP tunnel on DMZ

I intend to terminate the Internet on my DMZ interface to have my IPsec tunnels open on the DMZ port.

This relates to my other mail on "Websense-Pix integration", which you replied to.

If I terminate my IPsec tunnels through the DMZ, I'll be able to separate traffic going to the Internet from my branches, which can connect to the DMZ port through IPsec tunnels.

Then, at the outside, I can monitor traffic for the Internet.
