You should use private addressing behind the pix and use static's from the
/29 to map to Servers, etc. behind the pix.
Why would you ever want to put public ip's behind a pix ? especially for a
vpn ? Not cool. It makes it an easier target to spoof, as apposed to RFC1918
addresses.
Answering your
Brunner Joseph wrote:
>
> You should use private addressing behind the pix and use
> static's from the /29 to map to Servers, etc. behind the pix.
>
> Why would you ever want to put public ip's behind a pix ?
> especially for a vpn ? Not cool. It makes it an easier target
> to spoof, as apposed t
, November 18, 2002 9:27 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
Brunner Joseph wrote:
>
> You should use private addressing behind the pix and use static's from
> the /29 to map to Servers, etc. behind the pix.
>
> Why would you ever wan
onday, November 18, 2002 9:27 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
Brunner Joseph wrote:
>
> You should use private addressing behind the pix and use static's from
> the /29 to map to Servers, etc. behind the pix.
>
> Why would yo
Oppenheimer [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 9:27 PM
> To: [EMAIL PROTECTED]
> Subject: RE: PIX site-to-site VPN question... [7:57648]
>
>
> Brunner Joseph wrote:
> >
> > You should use private addressing behind the pix and use
&g
gt; From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 9:27 PM
> To: [EMAIL PROTECTED]
> Subject: RE: PIX site-to-site VPN question... [7:57648]
>
>
> Brunner Joseph wrote:
> >
> > You should use private addressing behind the pix and
-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Elijah Savage III
Sent: Monday, November 18, 2002 7:17 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
Oh yeah with the limited address space the correct term I meant to use
is PAT not to confuse an
Savage III; [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
okay, i should have explained better...sorry
let's break my point down to a digestable limit...
at this point i want to know how to set up the site-to-site VPN tunnel
between the two PIX's, if i u
May I also ask why you want to use private?
-Original Message-
From: Edward Sohn [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 18, 2002 10:50 PM
To: Elijah Savage III; [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
okay, i should have explained better
TECTED]; [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
You have to use the public ip addresses as I stated in my last email
private is non routeable on the net, though I have seen sprint route
private by mistake from time to time :)
But that is not what confused me, wha
November 18, 2002 7:38 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
Yes,
He should use public on the outside link and then private on the inside
the setup would be much easier that way. NAT or PAT on a pix is so easy.
And I had a slight brain fart he can'
Sent: Monday, November 18, 2002 8:13 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
You have to use the public ip addresses as I stated in my last email
private is non routeable on the net, though I have seen sprint route
private by mistake from time
: Elijah Savage III [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 18, 2002 8:13 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
You have to use the public ip addresses as I stated in my last email
private is non routeable on the net, tho
In-Line...
Perfect...
very interesting, indeed. I have long wondered about this scenario, and
have wondered how companies are implementing their site-to-site VPN's
over the internet. so you're saying (regarding your own roll out), that
your ISP assigned you two address spaces and routed your
] [mailto:[EMAIL PROTECTED]] On Behalf Of
Mark W. Odette II
Sent: Tuesday, November 19, 2002 12:19 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
The only way that you could put private addresses on the OUTSIDE
interface of the PIX (Site A), and still successfully set up
d
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
> Behalf Of
> Mark W. Odette II
> Sent: Monday, November 18, 2002 9:19 PM
> To: [EMAIL PROTECTED]
> Subject: RE: PIX site-to-site VPN question... [7:57648]
>
>
> The only way that
, 2002 8:10 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX site-to-site VPN question... [7:57648]
Edward Sohn wrote:
>
> Perfect...
>
> very interesting, indeed. I have long wondered about this scenario,
> and have wondered how companies are implementing their site-to-site
>
;
> -Original Message-
> From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, November 19, 2002 8:10 PM
> To: [EMAIL PROTECTED]
> Subject: RE: PIX site-to-site VPN question... [7:57648]
>
>
> Edward Sohn wrote:
> >
> > Perfect...
> >
18 matches
Mail list logo
