Firewall Wizards mailing list archives
RE: Pass-through VPN
From: "Roberts, Shawn" <Shawn.Roberts () ualberta ca>
Date: Thu, 30 Sep 2004 13:19:00 -0600
This is a site to site VPN with one termination box inside out firewall and the other on the outside of the firewall (where the traffic comes from). Both of these boxes are out of our hands and we just have to ensure when the firewall goes in the traffic still keeps going through. The VPN does not terminate on the PIX at all, just need the traffic to go untouched through it. I was planning on: access-list 131 permit udp x.x.x.x host X.X.X.X eq isakmp access-list 131 permit esp x.x.x.x host X.X.X.X access-list 131 permit ahp x.x.x.x host X.X.X.X Just hoping this is correct. Thanks again -----Original Message----- From: Melson, Paul [mailto:PMelson () sequoianet com] Sent: Thursday, September 30, 2004 11:52 AM To: Roberts, Shawn; firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] Pass-through VPN
-----Original Message----- I have a quick question about what I need to do on a PIX 515 to get VPN traffic to pass through it. I have done the rest of the setup on this box but I want to make sure that this part is running correctly when I install it. Any help would be very much appreciated.
<PASTE> That all depends. </PASTE> Is this a site-to-site or client tunnel? Is the traffic originating inside or outside the firewall? Is it PPTP, L2TP, or IPSec/ISAKMP (or SKIP, if you're a BorderManager user)? Is the PIX a termination point for other VPN connections? All of these effect how you need to configure the PIX. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Pass-through VPN Roberts, Shawn (Sep 30)
- Re: Pass-through VPN Josh Welch (Sep 30)
- <Possible follow-ups>
- RE: Pass-through VPN Roberts, Shawn (Sep 30)
- RE: Pass-through VPN Melson, Paul (Sep 30)
- RE: Pass-through VPN Roberts, Shawn (Sep 30)
- RE: Pass-through VPN Melson, Paul (Sep 30)