Re: PIX Scenario [7:62047]
Ok..thanksi was worried about the public to private ip mapping with NAT and IPSEC. But since esp does not modify the original header...I should be fine to have the vpn clients connect to a public ip that is statically natted to the private ip on the outside pix interface. Right? Thanks again... Dain ""BJ Rice"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This isn't entirely correct. You can have a private IP address on your > outside interface and have it NAT'd to a public IP address and then > terminate the tunnel there. I am assuming this is what you are doing. Yes > it can be done. > > Yes it will work with IKE Mode Configuration which is the same functionality > of the "vpngroup". Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62266&t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Scenario [7:62047]
This isn't entirely correct. You can have a private IP address on your outside interface and have it NAT'd to a public IP address and then terminate the tunnel there. I am assuming this is what you are doing. Yes it can be done. Yes it will work with IKE Mode Configuration which is the same functionality of the "vpngroup". Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62225&t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Scenario [7:62047]
Hi If you want VPN client to connect to your pix, you need to assign a public IP to your outside interface and you can create a pool of private ip address to your vpn client by using (ip local pool start ip...end ip) and give the pool name in the vpngroup configuration (vpngroup address-pool . There are lot of document given in cisco's website. fahim ""Dain Deutschman"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello everyone, > > I would like to install a PIX behind a router and had some questions... > > 1. Can the VPN clients connect to a public ip that translates ( static nat ) > to the private ip assigned to the outside interface of the PIX?( if i use > esp) > > 2. Will it work if I use IKE Mode Configuration to auto assign IPs to the > remote clientsor does the "vpngroup" configuration with PIX v6.01 work > the same way? > > Thanks for any suggestions...If i am being to vague I would be happy to > discuss in more detail. > > Thanks! > -- > Dain Deutschman > CCNP, CSS-1, CCNA, MCP, CNA > Data Communications Manager > New Star Sales and Service, Inc. > 800.261.0475 > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62080&t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Scenario [7:62047]
Hello everyone, I would like to install a PIX behind a router and had some questions... 1. Can the VPN clients connect to a public ip that translates ( static nat ) to the private ip assigned to the outside interface of the PIX?( if i use esp) 2. Will it work if I use IKE Mode Configuration to auto assign IPs to the remote clientsor does the "vpngroup" configuration with PIX v6.01 work the same way? Thanks for any suggestions...If i am being to vague I would be happy to discuss in more detail. Thanks! -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62047&t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
