Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Site-to-Site VPN, Concentrator to PIX

Status
Not open for further replies.
sohtnax

sohtnax

IS-IT--Management
Apr 24, 2003
130
US

I need to access resources on a remote network using a site-to-site VPN, using my Cisco VPN concentrator to connect to a remote PIX firewall.
Assuming the tunnel is established between the two devices, how would I be able to direct traffic intended for a resource on that remote site to through my VPN?
I realize I could drop a router in front of my firewall and concentrator, to appropriately rout the traffic, but I do not have a spare router at this time.


 
Sort by date Sort by votes
When you configure the VPN tunnel you define the traffic that will be encrypted and tunneled (interesting traffic), the remote resource should be defined as interesting traffic on the VPN configuration. Traffic from your network destined for the remote resource should reach your VPN 3000 which will send it through the tunnel. This means you need to have a route on your internal network saying "packets destined for the remote resource send them to the VPN concentrator". Hope this helps!
 
Upvote 0 Downvote
Thanks for you post, but I realize this. To clarify my question, is there any way to do so without using a router? For example, is it possible to use a Cisco VPN client internally and point it to my own concetrator for this site-to-site?
 
Upvote 0 Downvote
If you are planning a site-to-site tunnel then you must direct interesting traffic to the VPN 3000. How are you planning to send traffic from your network through the tunnel? How will the packets reach the VPN cocentrator in order to be encrypted?

If you want to use the VPN client, then you can configure the remote PIX for remote VPN access and terminate the tunnel at the PIX.
 
Upvote 0 Downvote
TheMut, in stating the following, How are you planning to send traffic from your network through the tunnel? How will the packets reach the VPN cocentrator in order to be encrypted?", you are basically rewording my exact question.
 
Upvote 0 Downvote
Let me put it differently, do you have a default gateway on your network? If so, what device is it? If not, how do you get to the Internet on your network?
 
Upvote 0 Downvote
The default gateway on my network for Internet access is my firewall.
 
Upvote 0 Downvote
Can you use the firewall to route traffic to the private interface on the VPN concentrator?
If your firewall is a PIX unit then it is not possible yet, but it will be possible on the soon to be released PIX version 7.0.
 
Upvote 0 Downvote
That was the answer to my question. Thanks!!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
797
Johnkite
Johnkite
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
825
intel233
intel233
wrighbr1
  • Locked
  • Question
Cisco ASA 5505 site to site VPN problem
Replies
0
Views
183
wrighbr1
wrighbr1
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
337
gkittelson
gkittelson

Part and Inventory Search

Sponsor

Back
Top