Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > VPN site to site & Remote access VPN ( vpn client) over the same interface

Reply
Thread Tools

VPN site to site & Remote access VPN ( vpn client) over the same interface

 
 
pasatealinux pasatealinux is offline
Junior Member
Join Date: Oct 2007
Posts: 14
 
      12-17-2007
Hello,

I would like to know if is it possible to have VPN site to site & remote access VPN ( vpn client soft) configured on the same interface using a PIX 515.

Currently I have a pix 515 with 2 wan interfaces conected directly to internet. One interface receives vpn site to site connections.
Interface 2 receives remote access vpn ( vpn client soft ) but this interface is the default gateway.

System is working but I have split-tunnel for remote users with vpn client soft. Then the traffic to our servers is tunneled & they can surf the internet not tunneling this traffic.

Sometimes, the interesting traffic of the remote vpn client software is not tunneled ( I saw with ethereal ). But this happens only sometimes. I want to disable split-tunnel for vpn remote access clients.

If I will disable split-tunnel for this vpn client's, then I think that they can't surf internet when they're connected to the vpn because the peer in the pix is also the default gw.

That's why I ask you to set vpn site to site and vpn client's on the same wan interface ( not the default gateway .. the other one ).

Any alternative ?

Thanks a lot.
 
Reply With Quote
 
 
 
 
pasatealinux pasatealinux is offline
Junior Member
Join Date: Oct 2007
Posts: 14
 
      12-17-2007
Quote:
Originally Posted by pasatealinux
Hello,

I would like to know if is it possible to have VPN site to site & remote access VPN ( vpn client soft) configured on the same interface using a PIX 515.

Currently I have a pix 515 with 2 wan interfaces conected directly to internet. One interface receives vpn site to site connections.
Interface 2 receives remote access vpn ( vpn client soft ) but this interface is the default gateway.

System is working but I have split-tunnel for remote users with vpn client soft. Then the traffic to our servers is tunneled & they can surf the internet not tunneling this traffic.

Sometimes, the interesting traffic of the remote vpn client software is not tunneled ( I saw with ethereal ). But this happens only sometimes. I want to disable split-tunnel for vpn remote access clients.

If I will disable split-tunnel for this vpn client's, then I think that they can't surf internet when they're connected to the vpn because the peer in the pix is also the default gw.

That's why I ask you to set vpn site to site and vpn client's on the same wan interface ( not the default gateway .. the other one ).

Any alternative ?

Thanks a lot.
Hello again, I want to have the vpn clients ( cisco vpn client software ) on the same interface where I have the vpn site2site tunnels. Is it possible ?

Thanks.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trying to access the PDM of a Cisco pix over a Remote Access VPN withCisco VPN Client BF Cisco 2 09-07-2008 03:00 PM
VOIP over VPN over TCP over WAP over 3G Theo Markettos UK VOIP 2 02-14-2008 03:27 PM
both Easy VPN Server and a Site-to-Site tunnel on the same interface? ksun6868 Cisco 2 01-25-2008 02:57 AM
PIX 501 Site-to-Site VPN and Remote Access VPN drhopkins@cox.net Cisco 1 11-14-2006 03:32 PM



Advertisments