Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Tunnel Routing?

Status
Not open for further replies.
billberge

billberge

IS-IT--Management
Oct 7, 2003
141
0
0
US
Howdy,

I recently setup VPN access and distributed the .pfc file to the end users who can now connect via Cisco VPN Client 4.8.00.044 through the Cisco PIX 515E. We also have a hard tunnel VPN connection through the same PIX to the facility that hosts the website where servers are located that we access from the corporate LAN.

The webmaster recently informed me that he cannot access the servers at the hosted facility when connected from home on the VPN. The corporate LAN is on a 10.0.0.0/22 network. The soft client distributes 10.100.100.0/24 addresses and has full access to any box on the 10.0.0.0/22 network. The hosted facility hands out addresses in the 172.28.192.0/24 range.

I guess I’m asking should it possible to hit the boxes on the 172.28.292.0 network from the 10.100.100.0 VPN? Can you double tunnel?

Any suggestion would be helpful. Thanks in advance!

 
Sort by date Sort by votes
I haven't had this issue from a pix before, but here are my thoughts... Hope this helps.

Most obviously can the home user create a direct connection from the home network to the hosted facility?

If not...Do you keep a local copy of the websites on the HQ network? If so, then have the user make the changes in the test environment and then upload the files from there.

If not...can you force logon to proxy in HQ to access the hosted facility...this would make the home user appear to come from an internal host?
 
Upvote 0 Downvote
I assume your pix 515E runs 6.x code and you will need 7.0 code to accomplish what you want.
 
Upvote 0 Downvote
Thanks for the replys. I am running code 6.3 on the PIX. Upgrading to 7.0 will take care of the routing of the traffic? Is there any additional configuration I need to make after the upgrade?
 
Upvote 0 Downvote
Perfect, I'll give it a shot. Thanks for the information.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

F
  • Question
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
0
Views
1K
FrankSider12
F
raist3001
  • Locked
  • Question
Creating an IPSEC VPN tunnel between 2 DLINK DSR-250 help
Replies
0
Views
51
raist3001
raist3001
Jimmyjoe1975
  • Locked
  • Question
VPN tunnel ports
Replies
2
Views
51
Schart1961
Schart1961
schomberg
  • Locked
  • Question
Want to tunnel into Windows Server 2008 R2 Standard
Replies
2
Views
59
sircles
sircles
mbgd
  • Locked
  • Question
VPN Tunnel
Replies
0
Views
23
mbgd
mbgd

Part and Inventory Search

Sponsor

Back
Top