Re: full IPSEC tunnels on PIX and NAT ...

["Miha Vitorovic" <mvitorovic () nil si>]

Peter,

For one thing, the PIX can not route out through the same interface, the 
packet comes into the device. So, if your VPNs terminate on the outside 
interface (and they do according to the config), there is no way that the 
PIX will route the packets to the Internet, which also connected to the 
outside interface. That's just the way PIXen are :-)

Regards,
---
  Miha Vitorovic
  Inženir v tehničnem področju
  Customer Support Engineer

   NIL Data Communications,  Tivolska cesta 48,  1000 Ljubljana,  Slovenia
   Phone +386 1 4746 500      Fax +386 1 4746 501     http://www.NIL.si

firewall-wizards-admin () honor icsalabs com wrote on 29.11.2003 21:39:55:

> ... hello, and thank you in advance for any help you might be able to 
> offer.
>
> I've got a PIX that I'm using for just a couple of clients to VPN into, 
> and would really like to get full tunnels working so that all their 
> traffic goes over the tunnel and then out to the internet.
>
> I've scoured all of Cisco's documentation, and can't find anything I'm 
> doing wrong, but I seem to be stuck with the following kind of error 
> message:

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards