Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pix VPN endpoint and split-tunnel

From: Victor Williams <vbwilliams () neb rr com>
Date: Thu, 13 Oct 2005 22:50:24 -0500
I might add though that at least with the ASA 5520 (the closest thing to a PIX 515E unrestricted) you will it about $300 more than the PIX...and you get OS 7 (with more stuff than is available on the PIX OS 7) and gig copper interfaces everywhere.
To answer the original question, although I haven't tried it yet, I believe the ASA units will do what you want.
Lastly, if you're going to go the ASA route, let the OS mature for at least a nother general deployment release before you implement. The most current version is just full of bugs and annoyances. 


Paul Melson wrote:

-----Original Message-----
Subject: RE: [fw-wiz] Pix VPN endpoint and split-tunnel



That's pretty much what I read.  I thought they may have provided a fix by
now. As for 
the workarounds, this is for a business partner network and I've already
presented them 
with the "spend" option and they don't want to.

Another reply I got here from Simon expressed the possibility that PIX 7.x
supports 
this. (split horizon?)



RIPv2 (and therefore split horizon routing) are available as part of Cisco
ASA 7.0.  It's my understanding that this is actually an adaptation of the
VPN3K software.  But unless something has changed recently, this software
will only work on the ASA 5500 models, which will still cost your business
partner money.  Sorry, no free lunch for them.

PaulM


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: