I apologize if this
is an obvious question, but I'm feeling quite clueless.
I've set up a
VPN using manual IPSEC between the remote office (172.A.x.x, call it
"net1") and the home office (10.x.x.x, call it "net0"). net1 is behind a cisco
1605; net0 is behind FW-1 4.1 (call it "gatekeeper"). Also behind the FW-1
box is a DMZ (172.B.x.x, call it "net2").
I want to extend the
VPN so that users on net1 can access net2 through the VPN. The motivation
is to let administrators at the remote office access the ftp server in the
DMZ to create new accounts.
The cisco side seems
rather straightforward. What I don't understand is how to set the
encryption domain for gatekeeper to include both net0 and net2. I tried
creating a group object ("homenets") containing net0 and net2 and setting
gatekeeper's encryption domain to homenets, but either I did something else
wrong or that's not the answer.
Suggestions?
Ross Presser • MIS Technician • Imtek,
Inc.
[EMAIL PROTECTED] • http://www.imtek.com
