Seems like my other email on Sunday (hairpinning VPN client) probably answered this as well. In this case, already have the 525 with the v7.x code on it.
-graham On 11/29/09 10:52 AM, "Graham Wooden" <gra...@g-rock.net> wrote: > Hi all, > > I am bringing up a new remote location that is currently being served by a > DSL line. This site will ultimately be served with my own PtP solution, but > in the time being and to help with the migration, I want to deploy a > routable subnet at the location using a VPN solution between two PIX > firewalls. I drew up a diagram depicting this, and can be found at: > http://www.iamforeverme.com/VPN_Issue_diagram.pdf > > Other than the some routing statements that need to be put in at my edge and > core routers, anything I need to do on the main site's firewall to > facilitate traffic coming in/out on the outside interface? The 525 is > currently running v7.0.2. > > I was thinking about doing a GRE tunnel but since I have an extra 506e > (v6.3.5) that I would just use that and do a IPSEC tunnel to my 525 at my > main site. I want all the traffic at the remote site to transverse the VPN > tunnel, since it's source addressing will be a public subnet originating at > the main site. > > Seems like a common setup, no? Any thing else I need to consider? > Thanks all, > > -graham > > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/