This is a discussion on Re: [fw-wiz] PIX to PIX VPN from within a private network. - Firewalls ; Thanks Ralph and John, I suspected that was what would need to be done, have the 827 act as a bridge. fyi. i'm not using NAT on any of the devices at home, the ISP assigned me a block of ...
Thanks Ralph and John,
I suspected that was what would need to be done, have the 827 act
as a bridge.
fyi. i'm not using NAT on any of the devices at home, the ISP assigned
me a block of IPs which sit on the inside of the PIX with the 827's
external interface numbered with the gateway IP to this network.
thanks again folks, I'm sure this information saved me a few hours this
John Adams wrote:
> I don't know of any way to make this work without some changes to your
> network. IPSec will have problems creating security associations
> between the two networks, as the endpoint will be the Internet
> routable IP and not the PIX. I assume you are doing some sort of
> network address translation on your home router.
> Or, is it case of you not being able to do that because the Cisco 827
> is providing both the DSL connection and NAT ?
> If I were you I'd reconfigure the Cisco 827 to act as a DSL Bridge
> instead of a DSL router, and move the NAT to the PIX. Your VPN will
> work then.
> Another option is to install the Cisco VPN client on the PC at home,
> and use that client to connect through your existing network to the
> PIX, but that might not be what you're looking for as it would only
> provide VPN to one host.
> Also keep in mind that all of the other routers in your companies
> network will need to know how to get to your subnet if you are joining
> the two networks through the PIX (else, you won't be able to route to
> On Mon, 13 Mar 2006, Greg wrote:
>> I have a PIX at home and would like to connect via site to site VPN
>> to the PIX at work which I also maintain.
>> The problem I think I may run into is I have a private network
>> between the internet router and my internal home PIX. The segment
>> between the internet router and the internal PIX is 10.0.0.0/24,
>> the outside interface of the PIX is numbered 10.0.0.1.
firewall-wizards mailing list