Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote access VPN & NAT issue on PIX 515E

2 Pix 515E are connected in failover mode. Inside zone connects to LAN Segment & outside zone connects Internet Router via public IP given by ISP.. Now our requirement; Remote access VPN configuration for Remote users & to provide Internet connectivity to inside zone users through a single outside interface All users will should accessible by proxy to access Internet. Now I'm planning to keep Proxy in inside zone & do Static NAT of Proxy IP to a Public IP. Pls put your better suggestion.


Re: Remote access VPN & NAT issue on PIX 515E

failover should be transparent to users.

when configuring failover, 2 ip address for each interface is needed.


ip address outside

ip address inside

ip address DMZ

ip address state

failover ip address outside

failover ip address inside

failover ip address DMZ

failover ip address state

nonetheless, when the standby unit takes over and starts acting as the active unit (should only occur when the primary unit fails), it will apply the primary ip addresses. in other words, the gateway stays the same for users.

e.g. as the pix inside interface ip, and whichever the unit is active, it will use this as the ip address.

CreatePlease login to create content