Re: Need Site to Site VPN Help. How to route to a network not directly connected through VPN
- From: Charles U Farley <chuck@xxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 11 Apr 2006 18:26:56 GMT
Evolution wrote:
I don't think this should be too hard, but I have a general question. I
setup a Site to Site VPN between a Pix 515 and Pix 501(Easy Enough).
The hard part is getting the internal networks to talk. I network the
PCs is on connects to a Proxy Server, which then connects to the PIX
515. The PC network is 10.1.0.0/16 and the Proxy Server has an
interface on that LAN, and the network directly connected to the PIX
515(192.168.100.0/24) as well. The remote LAN that I'm trying to access
is 10.4.1.0/24. My ACL for NONAT is setup between 10.1.0.0 and
10.4.1.0. I'm not sure if I have to NONAT between 192.168.100.0 and
10.4.1.0, and then add a route into the Proxy Server, or if I keep it
the way I have, and then add some sort of "route inside or outside"
command to the PIX. Any help would be greatly appreciated. A diagram of
the config can be found here:
http://img140.imageshack.us/img140/1298/vpnhelp2qw.jpg
THANKS for the HELP!
You'll need a router behind the PIX on the internal network and point the routes on the PIX to the router on the inside.
Chuck
.
- References:
- Prev by Date: Re: IP CEF and VPNs.
- Next by Date: Re: When is a circuit "congested"?
- Previous by thread: Need Site to Site VPN Help. How to route to a network not directly connected through VPN
- Next by thread: Re: Need Site to Site VPN Help. How to route to a network not directly connected through VPN
- Index(es):
Relevant Pages
|
