506E Question

[Mneumonic]

Ok, i have my WAN coming in to my router. , from there i got a switch going to my web , mail, and dns server on public IP's.

Also on that switch is my Pix firewall. The pix firewall gets a public IP going to my inside local lan with private IP's.

My question is, how will i get my VPN Server INSIDE the local lan with private IP's, to be connected to from the outside?

 

[baddos]

By VPN server do you mean the PIX or a different VPN device or VPN Computer Server?

 

[Mneumonic]

VPN COmputer Server

 

[baddos]

Ok.. If it's behind the PIX firewall, you will have to create a static translation for the vpn server to allow the vpn server to look like it has a public address when it really has a private address. You would do this:

static (inside,outside) xxx.xxx.xxx.xxx 192.168.0.20 mask 255.255.255.255 0 0

This will map the xxx.xxx.xxx.xxx public IP to the internal 192.168.0.20 computer. Then you would modify your access-list or conduit list to allow the desired VPN traffic through.

-Bad Dos