Another Pix 506e Question Concerning VPNs

[judgestone]

Presently we have 2 Pix506e's as firewalls and routers for two different WAN locations, with a VPN connection between the two.

Present configurations:

Pix 1 - External IP: 209.X.X.X, Internal IP: 10.10.60.1
Pix 2 - External IP: 70.X.X.X, Internal IP: 10.10.62.1

There is a VPN connection between the two and a Remote VPN connection for 192.168.60.X.

I am used to physical connections between switches and routers be it via physical cable or fiber connections. It is easy to VLAN the switches and easy to route this connections since all are physically connected and broadcast are visible to all since they are on same switch or route.

My problem is I want the 10.10.62.1 WAN site to be visible in Hyena, or Dameware, My Network Places if it can be done. I can ping from site 1 (10.10.60.X) network to an IP address in the 10.10.62.X network and can have the 10.10.62.X computers join my Active Directory, and see my DCs/DNS servers in both 10.10.60.X subnet. The problem is I can see them in Active Directory and even in Hyena under my Domain, but I can't physically connect to them, except via IP address. I assume it is a DNS issue.

I just would like my WAN to be like a physically connected LAN, I guess is what Im asking. Can this be done with the Pix's.

 

[KiscoKid]

a Site to Site VPN as you've described is, as per your requirements, an extension of your LAN. So it sounds like you already have what you are looking for.

I think you have hit the nail on the head with your assumption that your local DNS servers need updating.