Cisco VPN client to PIX to another Pix

[webnetwiz]

Interesting situation here. Have a Cisco VPN client connecting to a PIX. That pix firewall has a VPN tunnel to another PIX (NAT in both PIXes, but different internal IP space). As far as i understand, when the software client connects to the PIX, it cannot then traverse another tunnel to get to the network behind Pix#2. The way the network looks is basically:

LAN=>PIX#1=>Router=>Internet<=Router<=PIX#2<=LAN#2

Both LANs can access each other, but I need the VPN client to be able to access both LANs as well. Any thoughts would be appreciated.

 

[308win]

You are right, the traffic can not go back out the pix to the other site.

Can you make a different VPN connection to the other firewall? I'm not sure if 2 connections can live simultaneously if that is what you need.

 

[webnetwiz]

I did some digging around, and it could be done if the tunnels are terminated on different interfaces of the PIX. Unfortuantely for me, I'm dealing with a 506E, which only has the outside and inside interfaces.

 

[webnetwiz]

I did some digging around, and it could be done if the tunnels are termianted on different interfaces of the PIX. Unfortuantely for me, I'm dealing with a 506E, which only has the outside and inside interfaces.