Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Routing between multiple VPN's into a 506E?

Hello, I've got a 506E that is the central point for 11 remote locations. 11 VPN tunnels have been established and traffice is flowing between the 506E and each invididual Remote. We also have the CIsco Software client 4.0.4 configured and operating smoothly. What I can't get working is routing traffic between the VPN's either IPSEC clients or the Software client. Each VPN's subnet is isolated.

IP Scheme:

Main office 10.0.0.0

Remote Loc's 192.168.X.0

Software Client 10.1.1.0

The current config can be posted if need be.

THANKS in ADVANCE!

5 REPLIES
New Member

Re: Routing between multiple VPN's into a 506E?

Hi,

This may not be possible using PIX. PIX does not route traffic received on one interface back out the same interface. so inter-spoke communication is not possible. two things u can do.

1. do a full mesh IPSEC config for spoke that need to communicate with each other.

2. do the HUB/ Spoke arrangement using a router or VPN concentrator (i.e terminate the IPSec VPN on them)

pls check

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093bd3.shtml

New Member

Re: Routing between multiple VPN's into a 506E?

I should be able to route ALL VPN traffic to a local router and then route it back out? the correct IPSEC tunnel, though, can't I?

Thanks!

New Member

Re: Routing between multiple VPN's into a 506E?

Hi, cisco seems to have fixed this problem in 7.0 version of PIX os pls look at this link

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00804675ac.shtml

rate if it helps

New Member

Re: Routing between multiple VPN's into a 506E?

I appreciate the help on this, but unfortunately ver. 7 isn't supported on a 506E...

Re: Routing between multiple VPN's into a 506E?

Hello,

as of now, version 7 is indeed not supported on the 506E. As a matter of fact, I don´t think you can accomplish what you want with the 506E. If you run 6.3, this allows you to run a small number of VLAN´s (2) when configuring the PIX to trunk with a switch (see the link below for a configuration example), but obviously that is not nearly enough for the amount of connections you have...

Using VLANs with the Firewall

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113411

HTH,

GNT

178
Views
3
Helpful
5
Replies