i have one parallel and one behind. both work fine. ""Symon Thurlow"" wrote in message news:[EMAIL PROTECTED] > I prefer to put them parallel (generally). > > This is so you can control all decrypted traffic, and see what it is. > > Symon > > -----Original Message----- > From: Chris Penrose [mailto:[EMAIL PROTECTED] > Sent: 04 March 2003 19:27 > To: [EMAIL PROTECTED] > Subject: 3000 Concentrator behind/in front or parallel to PIX? [7:64383] > > > Hi All, I am setting up a VPN to connect remote sites to a Head Office, > the head office has a VPN 3000 Concentrator and a PIX 515 Firewall, As I > understand it I can place the PIX in front/behind or in Parallel to the > 3000 . I was wondering if anyone that has done this has any > recommendations as to > the best place for the PIX or any advantages/disadvantages of placement. > I > am thinking in front but I am unsure what repercussions this will have > with regard to access across the VPN. I need all IP through the vpn > tunnels for each site, so with the PIX in front I would be setting up a > static to the outside interface of the 3000 and adding the following > acl's Access-list 100 permit ah any vpn3k Access-list 100 permit esp any > vpn3k Access-list 100 permit udp any vpn3k eq isakmp > > Would I still need acl's on the PIX to allow all other IP from each > site? Or should I place the PIX somewhere else. > > any advice appreciated. > > thanks > > Chris. > ============================================= > > This email has been content filtered and > subject to spam filtering. If you consider > this email is unsolicited please forward > the email to [EMAIL PROTECTED] and > request that the sender's domain be > blocked from sending any further emails. > > =============================================
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64419&t=64419 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
