Re: vpn 3000 setup

The.Rock Wed, 14 Mar 2001 15:33:15 -0800
We'll we have a 3000 but haven't set it up yet. Just out of curiosity why is
the vpn-inside address in the 192 range instead of 10.x .

Our 5000 roughly is setup with the VPN-inside address in the same range as
the address pool ( this is so we could isolate the vpn user traffic on their
own network). This will come in handy if you ever need to create tunnels
between vendors and need to restrict their access. The default gateway for
everyone coming in, then becomes the interface for the address on the
VPN-inside address (this after the tunnel is established). You should be
able to ping the default gateway. You may try making a pool that falls into
the same subnet as the inside interface otherwise your going to need a
static route in for the 192.1.1.1  to  10.1.1.o ..right?


"kevin burts" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> if any of you know and have doen setup a vpn 3000
> i have a vpn 3000 in dmz behind pix.
> i want people to create a secure communication through
> vpn. i can login and create a secure tunnel from
> outside to the vpn 3000.  from that point i can not
> ping anything inside.  from vpn 3k i can ping the
> client(the address for the client is from a pool of
> address in the vpn)  the address pool is 10.1.1.0 /24,
> inside network is 192.1.1.0/24 and 192.1.2.0/24(fake)
> and the dmz is 192.1.0.0 /24.
> address:
> pix-dmz: 192.1.0.254
> vpn-outside: 192.1.0.1
> vpn-inside: 192.1.1.1
> pool: 10.1.1.0 /24
>
> and i have built static routing table in the vpn
> 0.0.0.0  0.0.0.0  192.1.0.254
> 10.1.1.0 255.255.255.0 192.1.0.254
> 192.1.1.0 255.255.255.0 192.1.1.254
> 192.1.2.0 255.255.255.0 192.1.1.254
>
> what am i missing?
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - Buy the things you want at great prices.
> http://auctions.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: vpn 3000 setup

Reply via email to
