Is this really a DMZ or the server is just sitting on the outside interface?
If this is really a DMZ that would mean three legs in the HK PIX. US servers will be able to access the DMZ.
If the server is sitting on the outside interface of the PIX normally it will not be possible.
There could be a workaround in that case.
Suppose the device X is a router you can create a VLAN in the outside interface and terminate on the router X. Now you will have one virtual and one physical int on your PIX one going to the internet and one going to the X which is connected to the server. This way you can circumvent the redirection problem/feature/bug/security measure in PIX and US servers will be able to access the server in HK.
No, routing will not solve this problem because PIX wont let the packet out the same interface from which it came in. In your case the request to access the server will come through the tunnel on the outside interface and will get decrypted on the outside interface and will try to go out the same way it came in.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...